Into The Breach handyman Services needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts and other people the organisation has a relationship with or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards — and to comply with the law.
Why this policy exists
This privacy and data protection policy ensures Into The Breach Handyman Services:
- Complies with data protection law and follow good practice
- Protects the rights of staff, customers and partners
- Is open about how it stores and processes individuals’ data
- Protects itself from the risks of a data breach
Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, Into The Breach Handyman Services
“you”, “the user” refer to the person(s) using our services
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Data protection law
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
This policy applies to Into The Breach Handyman Services as a company and applies to anyone who may have access to sensitive information which needs to be protected.
It applies to all data that the company holds relating to identifiable individuals,
This can include:
- Names of individuals
- Postal addresses
- Email addresses
- Telephone numbers
- …plus any other information relating to individuals
Privacy and data protection risks
This policy helps to protect Into The Breach Handyman Services from some very real security risks, including:
- Breaches of confidentiality. For instance, information being given out inappropriately.
- Failing to offer choice. For instance, all individuals should be free to choose
how the company uses data relating to them.
- Reputational damage. For instance, the company could suffer if hackers
successfully gained access to sensitive data.
Everyone who works for or with us has some responsibility for ensuring data is collected, stored and handled appropriately.
We endeavour to comply with the law and GDPR at all times as well as informing the ICO in the event we believe sensitive information has been compromised or used inappropriately.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and or process any personal information about you electronically using the following lawful bases.
We are exempt from registration in the ICO Data Protection Register because we only process personal data for the core business purposes and therefore do not have to register with the ICO.
Lawful basis: Contract
The reason we use this basis: the processing is necessary for a contract we have with the individual, or because they have asked you to take specific steps before entering into a contract. A more practical example is when you email your personal information to us in order for us to provide a service such as a quotation for a specific service or in order to carry out that accepted quotation.
We process your information in the following ways:
Data retention period: We shall continue to process your information until you request otherwise or the information is no longer required by us.
Sharing your information: We do not share your information with third parties. We do not database, catalogue or collate any of the information you share with us. All information remains in the original electronic form in which you freely transmitted to us and is stored online under 128bit encryption email service of which only I have access to.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
- You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
In summary Into The breach Handyman services is exempt from registration in the ICO Data Protection Register because we only process personal data for the core business purposes and therefore do not have to register with the ICO. We only keep the electronically transmitted data from clients who have willingly given us the information. Individuals who do so agree with our policy and give their consent for us to have it. We will protect that data and it will not be shared outside our company.