DATA PROTECTION POLICY
FOR Customers
Total Managed Solutions Ltd has always valued working relationships through communication and trust. When it comes to data privacy and protection it is therefore our privilege to confirm the integrity and commitment we want to show to our customers. It is for the purposes of offering excellent service that we would seek to process and protect your information. We also understand that at times we may also receive information that is ‘personal’, meaning that it could be used to identify a specific person. In this document we endeavour to deal with all kinds of information we hold on behalf of our customers.
Document contents:
Purpose & types of data
Data storage & protection
Data access, review & removal
Staff and contractor guidance
Data breeches and customer concerns
1. Purpose & types of data
Our purpose for processing and storing your data is for, communication, service provision, and future prospecting. There are two ways in how we use and process your data and we have described as best as we can, what data we collect and process, and why we need it to function well as a business.
a. Non automated communication
Purpose
TMS will utilise specific personal data made available via communication, service provision and future prospecting, with the customer. We intentionally keep these records securely for the purposes of carrying out our services. Under article 6 of the GDPR our justification for processing comes under ‘contractual’ grounds.
Information we process
•• First/last names
• Contact numbers
• Email addresses
• Occupation & company position
• Business/site locations
• Contact preferences (service requirements, gifts etc.)
b. Automated email marketing
Purpose
Automated emailing for the purposes of updating our clients with the latest products, services, and general company information, are made available on an opt-in basis. Under article 6 of the GDPR, our justification for processing comes under ‘opt-in’ grounds.
Information we process
• First/last names
• Email addresses
Note- Automated marketing is carried out on a third-party platform.
2. Data storage & protection
TMS stores data digitally, within the strategy of how we operate as a business. The following table will describe where we store our customer’s information and how it is protected. TMS uses third-party cloud services to reduce the need to transfer or email files, and therefore limiting exposure.
| Item | Location/s | Protection/s |
|---|---|---|
| Business PCs | Secured offices & mobile personnel | Password encrypted |
| Backups hardware | Secured offices | Password encrypted |
| Backups software | Cloud services | Third-party policy (view) |
| Hardcopy documents | Secured offices | Static and secured |
| Mobile phones | Mobile personnel | Password protected |
| Information we process | Cloud services | Third-party policy (view) |
3. Data access, review & removal
TMS recognises that any information that can be used to identify any individual does not belong to them and is held on the relevant person’s behalf. An individual holds the right to contact TMS to review, update, or delete their personal information. Any valid requests will be completed within 30 days of the request, unless an extension is required for complex/numerous requests. Any individual has a right to their own personal information, however to protect personal information getting into the wrong hands we require one of the following:
Requests to be sent in writing (email) from the individual’s usual email account
Email requests to be sent to TMS from the individual’s recognised email account
Where there is any doubt to the ownership of any information, TMS will not release any information without taking further steps to verify that ownership. TMS also holds the right under GDPR to compensate themselves for fair administrative costs for unfounded, excessive and repetitive demands.
4. Staff and contractor guidance
All TMS staff will be obligated to adhere to a data protection protocol. The training will cover these specific areas:
General Data Protection Regulations overview
Correct channels of communication
Processing & protecting information
Identifying data breaches
5. Data breeches and customer concerns
Upon confirmation of data breach, TMS will notify the relevant company or individual within 72 hours. Records of personal data breaches will be kept to strengthen our safeguarding.
For any further queries please send your requests via email: info@totalmanagedsolutions.co.uk