The Company is fully committed to comply with the requirements of the Data Protection Act GDPR 2018. The Acts applies to anyone processing personal data and sets out principles which should be followed and it also gives rights to those whose data is being processed.
To this end, the Company endorses fully and adheres to the eight principles of data protection as follows:
- data must be processed fairly and lawfully
- data must only be obtained for specified and lawful purposes
- data must be adequate, relevant and not excessive
- data must be accurate and up to date
- data must not be kept for longer than necessary
- data must be processed in accordance with the “data subject’s” (the individual’s) rights
- data must be securely kept
- data must not be transferred to any other country without adequate protection in place
We adhere to all eight principles by applying and following all company procedure and policies, a full explanation and notice below confirms how we collect, share and secure all data received and stored.
The information we collect and hold is as follows: –
- Your name
- Contact Details
- Business and mobile numbers
- Email Addresses
- Bank Details
- Company Registration Details
- VAT Registration Details
- Delivery Address
- Site Contact details
- Order Numbers
- Pricing Details
- Invoice Details
- Payment Transaction Details
This information is collected from your initial account application form, purchase requisition order, correspondence received, emails, letters, related conversations or if requested from a company information update form.
Information is obtained to allow us to set up and manage company accounts, gain credit limits, to maintain business records, ensure good business practices and to comply with legal requirements.
We use this information within our company software accounting systems to allow us to create orders, deliveries, invoices, remittances, to make payments and maintain customer portals where available.
We may need to share some information held with other parties, such as external contractors i.e. distribution companies, professional advisors, social media, marketing campaigns (mail chimp) or government departments to comply with the law. Information will always be anonymised where practically possible and only to trusted parties
Other information may be held from automated monitoring of our website, computer networks with backup systems, remote access systems, emails, CCTV monitoring system, internet facilities, mobile phone records, voicemail, security firewalls.
Information will be held at our offices and trusted third party agencies, service providers, representatives and agents.
Data is kept during and after the business relationship and transactions between companies for no longer than necessary for the purposes of which the process is necessary and are legally obliged to do so.
We endear to ensure all security measures are appropriate and current, security measures are in place to prevent and prevail any such risks. Employees have been trained on all company policies in cyber fraud and data storage to prevent loss or unauthorised access to company systems including secure password procedures. External IT maintenance with firewalls and continuous backup surveillance processes prevents and reduces any data breach. Access is limited to only the relevant staff members for genuine business need. When information is processed it is performed by only authorised personal and always treated confidentially.
In the event of any suspected data breach procedures are in place to deal with such a situation and both you and the regulator will be informed as we are legally obliged to do so.
You have the right to know what data is held, also check, correct and have access to your information. If required you also have the right to ask for your information to be erased (the right to be forgotten) where legally possible.
For any request as above please contact our main office on our company number or email address as below:
Tel: 0191 2500818
You will be directed to the correct department where any request and updates will be duly complied where possible. If information is unable to be deleted due to legal requirements a representative of S and B will provide further information to the reasons of compliance.
If for any reason we are unable to resolve your query and are unhappy with the explanation you may raise your concerns direct to the Commissioner using the following contact details.
Information Commissioner Ico.org.uk/concerns/ Tel: 0303 123 1113