EUROPEAN SPRINGS AND PRESSINGS LTD – PRIVACY NOTICE TO BUSINESS PARTNERS, INCLUDING CUSTOMERS AND SUPPLIERS
1. The General Data Protection Regulation “GDPR” (Regulation (EU) 2016/679) came into force on 25th May 2018.
2. As a data processor, as described in the regulation, European Springs and Pressings Ltd have a responsibility to inform our business partners of the data we hold and how we store and use that data.
3. This Data Privacy Notice is in addition to any previously applicable terms and conditions relating to business with European Springs and Pressings Ltd.
What Information do we hold?
4. During our business relationship, we may have amassed a significant amount of personal information. This may include, but is not limited to:
- Personal Addresses
- Business Addresses
- Job Titles
- Personal Bank Account Details
- Business Bank Account Details
How your information will be used
5. In order to pursue our legitimate interest to keep and process information about you for normal business purposes, the information we hold and process may be used for:
- Compliance with our legal, regulatory and corporate governance obligations
- Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.
- Ensuring business polices are adhered to (such as our Terms and Conditions of Sale)
- Operational reasons, such as; recording transactions, training and quality control, confidentiality of commercial sensitive information, security vetting, and credit scoring.
- Marketing our business.
- Improving our services.
We will keep and use your data to enable us to run the business and manage our relationship with you; effectively, lawfully and appropriately, for the duration of our business relationship, and afterwards.
6. As a company pursuing Spring and High Speed Pressing Manufacturing activities, we may sometimes need to process your data to pursue our legitimate business interests, for example; to prevent fraud, for administrative purposes or reporting potential crimes. We will never process your data where these interests are overridden by your own interests.
7. Much of the information we hold will have been provided by you, but some may come from other, external, sources, for example; Companies House, or credit checking services.
8. Where we are processing data based on your consent, you have the right to withdraw that consent at any time. If you had an existing business relationship with us (prior to 25th May 2018), we are assuming that you have provided consent. However; should you feel that you do not consent to us holding and processing your data, you should contact our Data Protection Officer (contact details can be found below).
9. We will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you (i.e. if you have instructed us to disclose such information or have consented for us to do so).
10. In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements. We have in place safeguards including; due diligence, ‘need to know’ and secure transfer practices, to ensure the security of your data. A copy of the safeguards can be obtained from our Data Protection Officer.
11. Your personal data will be stored for the period of our business relationship, except where the right to be forgotten has been invoked or where we are no longer legally obliged to store the data.
12. If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.
13. Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to:
- Request from us access to your personal data.
- Rectification of your personal data
- Erasure of your personal data (including the right to be forgotten)
- Restrict processing of your personal data
- Object to processing of your personal data
- Data portability.
- Withdraw consent at any time (which will not affect the lawfulness of the processing before your consent was withdrawn).
- Lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
Identity and contact details of the Data Protection Officer
14. European Springs and Pressings Ltd is the controller and processor of data for the purposes of the GDPR.
15. If you have any concerns as to how your data is processed you can contact our Data Protection Officer:
David Purvis: firstname.lastname@example.org