This Policy is applicable to our Interested parties (Customers, Suppliers, Contractors, Agencies etc). It’s purpose is to set out how we manage your Personal Data in line with GDPR requirements.
What Personal Data do we hold/process?
- Personal and Business Contact Details
- Payment/Bank Details (for payment to or from us)
- Information from other sources such as credit reference agencies
- We do not hold any Sensitive Personal Data
How do we use this Data?
We will only process your personal data where there is a Legitimate Interest or Legal Obligation (as described within GDPR regulation).
Who might we share this Data with?
We will only share your data where there is a Legitimate Interest or Legal Obligation. (as described within GDPR regulation).
How we protect this Data?
- Your data will only be made available to those employees, agents, contractors and other third parties that have a legitimate business need for such access.
- Electronic data is stored securely and either encrypted or password protected.
- Physical data is stored securely within our premises and not in any areas accessible by the general public.
Your Rights of Access, Erasure and Objection
It is important that the data we hold about you is accurate and current. Please keep us informed if any details need to be changed. By law you may have the right to request access to and correct the personal data that we hold about you, or object to the processing of your personal data under certain circumstances. You may also have the right to request that we transfer your personal data to another party. If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us at firstname.lastname@example.org or in writing to Customer Services, Naish Felts Ltd, Crow Lane, Wilton, Salisbury SP2 0HD.
How long will we keep this Data for?
Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In any event this will not usually exceed 25 years from our last engagement with you after which the personal information will be securely destroyed.