Freestead Process Technology

Data Protection Privacy Policy

INCORPORATING GDPR

1. INTRODUCTION

Freestead Process Technology Limited undertakes the Supply, Installation, Service and Support of Process Equipment for the Pharmaceutical and Biotechnology Industries, including being a provider of Maintenance and Service Contracts and 24/7 On Call Support.

This policy applies to the personal data we hold on the personnel who work for our customers and our suppliers and you are a ‘data subject’ for the purposes of this policy. The security and privacy of your data is taken seriously by us, but we need to obtain and use information or data as part of our business and to manage and carry out our contractual obligations to you. We are committed to complying with all our data protection legal obligations.

Freestead Process Technology has a separate policy in place for current and former employees, workers, apprentices and consultants. Freestead Process Technology has taken steps to protect the security of your data in accordance with our Data Security Policy and will train staff about their data protection responsibilities as part of the induction process. We will only hold data for as long as is necessary for the purposes for which we collected it and in order to meet our contractual obligations. Freestead Process Technology is a ‘Data Controller’ under GDPR, which comes into force on 25th May 2018, for the purposes of the personal data held by this company. This means that we will determine the purposes and means of processing the personal data.

This policy explains how the company will hold and process your data.

 

2. DATA PROTECTION PRINCIPLES

Personal data must be processed in accordance with six data protection principles. It should be:

  • Processed fairly, lawfully and in a transparent manner.
  • Collected and processed only for specified explicit and legitimate purposes.
  • Adequate, relevant and limited to what is necessary for the purposes for which it is processed.
  • Accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay.
  • Kept for no longer than is necessary for the purposes for which it is processed.
  • Processed securely.

We are accountable for these principles and must be able to show that we are compliant.

 

3. HOW WE DEFINE PERSONAL DATA

Personal data means information which relates to a living person who can be identified from that data (a data subject) on its own or when taken together with other information which is likely to come into our possession.

We do not collect special categories of personal data.

 

4. LAWFULNESS OF PROCESSING

We need your information to allow us to perform our services and contracts with you based on the following legal basis:

  • Processing is necessary for the performance of a Contract.
  • Legitimate interest (as set out in Clause 5)
 

5. THE PURPOSES FOR WHICH WE USE YOUR DATA

We will collect your company and personal data for a number of reasons and to meet our contractual obligations, including the following:

  • Respond to enquiries about our company and services
  • Preparation and submitting of quotations
  • Processing of Purchase Orders
  • Arranging and carrying out our maintenance contracts
  • Email and telephone correspondence
  • Advising our customers of additional services
  • To manage our business
  • To manage feedback and queries from our customers
 

6. DATA WE HOLD

In addition to company information, such as company name, company address, site locations, etc, we hold the following personal data on company contacts working for these companies:

  • Named contacts (engineers, administrators, buyers, sales, management, accounts, etc)
  • Direct dial landline numbers
  • Mobile phone numbers
  • Fax numbers
  • Various email addresses
 

7. HOW WE STORE YOUR DATA

The information about your company, including any personal data as defined above, is either stored in hard copy files or on our secure server.

All PC stations are password protected and all the data on our server is backed up on a daily basis, encrypted to an external server in a secure location.

Any contact names and telephone numbers stored on company mobile phones or laptops are password protected.

 

8. SECURITY MEASURES

We will use appropriate technical and organisational security measures in order to keep your personal information secure against unauthorised or unlawful use and accidental loss, destruction or damage.

 

9. DATA SHARING

We do not share your data with any other third party companies, unless we are legally obliged to do so by law.

 

10. DATA RETENTION

Your data will be retained for no longer than is necessary and in accordance with our Data Retention Policy Schedule. This Schedule details out the length of time we retain various categories of files and data information that we are required to retain for as long as is necessary to fulfill the purposes for which it was collected and processed. These purposes include satisfying any contractual, legal, regulatory, accounting and reporting requirements.

 

11. HOW WE DEAL WITH DATA BREACHES

We have robust measures in place to minimise and prevent data breaches from taking place. Should a breach of personal data occur, then we will record and keep evidence of that breach. If the breach is likely to result in a risk to the rights and freedoms of individuals, then we will also notify the Information Commissioner’s Office within 72 hours.

 

12. YOUR RIGHTS

You have rights as an individual which you can exercise under certain circumstances in relation to your personal data that we hold. These rights are to:

  • Request access to your personal data and request certain information in relation to its processing
  • Request rectification of your personal data
  • Request erasure of your personal data
  • Request the restriction of processing of your personal data
  • Object to the processing of your personal data

If you want to exercise one of these rights, please contact us.

 

13. CONTACT

Please address any questions and requests regarding our data processing practices to carolyn.wyatt@freestead.co.uk

 

14. CONCERNS

If you are concerned about our use of your information, you have the right to contact the Information Commissioner’s Office. They can be contacted via https://ico.org.uk/concerns


home
services
quality assurance
about freestead
contact us
Call +44 (0)1275 463706

GMP Servicing and Technical Support for the Pharmaceutical and Biotechnology industries

Home Services Quality Assurance About Freestead Contact us Website disclaimer

© Freestead Process Technology Limited 2015. All rights reserved.   Unit 1, Havyatt Business Park, Havyatt Road, Wrington, North Somerset, BS40 5PY

Telephone +44 (0) 1934 862 561   Facsimile +44 (0) 1934 863 554   E-mail service@freestead.co.uk   www.freestead.co.uk