GREEN TORNADO
INTERNAL GDPR POLICY
MAY 2018
“ At Green Tornado, we are committed to maintaining the trust and confidence of our clients and visitors to our web site. We want you to know that Green Tornado is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. Below we have clearly outlined our procedures and strategy, to support GDPR and become compliant, and to safeguard everyone’s personal data. All our employees are aware and trained to deal with data in a responsible way under the guidelines of GDPR.“
What types of data do we hold?
When someone visits www.greentornado.co.uk we use a third-party service called Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make any attempt to find out the identities of those visiting our website.
If we ever need to email a prospective client we always ensure that a clearly marked ‘unsubscribe’ button is available, and we do not send to individuals, only business, as per the guidelines for legitimate interest under the General Data Protection Regulations.
We make every effort to make sure that anyone contacted has the ability to opt-out of any correspondence from us with ease. This is usually done by the presence of a link within an email or alternatively you can email gdpr@greentornado.co.uk.
Our password policy
We enforce a password policy that is secure and has a set period of time for passwords to be changed on our systems.
Do you share my personal data?
We will not share any of your personal data with any third parties for any purposes, except where it is necessary for the performance of a contract or where we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
Where do you store my data?
We store your data internally on servers that are backed up daily. We also store an offsite back up incase fire risk. They are protected by a strong firewall and have antivirus and malware protection at all times.
WHAT ARE YOUR RIGHTS?
Under the GDPR, you have the following rights, which we will always work to uphold:
This right provides you with the ability to ask Green Tornado for information about what personal data is being processed and the rationale for such processing.
This right provides you with the ability to get access to your personal data that is being processed. This request provides the right for you to see or view your own personal data, as well as to request copies of the personal data.
How can I access my personal data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a ‘Subject Access Request’.
All subject access requests should be made in writing and sent to the email or postal addresses provided in this Privacy Statement.
A rights request can be made by an individual or an individual’s legal representative. Such individual could be a customer, an employee, or personnel of a supplier working for the company. Also, such request should usually be made in writing and sent to the email or postal addresses provided in this Privacy Statement.
This right provides you with the ability to ask for modifications to your personal data in case you believe that this personal data is not up to date or accurate.
This right provides you with the ability to withdraw a previously given consent for processing of your personal data for a purpose. The request would then require that Green Tornado stop the processing of the personal data that was based on the consent provided earlier.
This right provides you with the ability to object to the processing of your personal data. Normally, this would be the same as the right to withdraw consent, if consent was appropriately requested and no processing other than legitimate purposes is being conducted. However, a specific scenario would be when you ask that your personal data should not be processed for certain purposes while a legal dispute is ongoing in court.
This right provides the data subject with the ability to object to a decision based on automated processing. Using this right, you may ask for your request to be reviewed manually, because you believe that automated processing may not consider the unique situation of the customer.
Also known as right to erasure, this right provides you with the ability to ask for the deletion of your data. This will generally apply to situations where a customer relationship has ended. It is important to note that this is not an absolute right and depends on your retention schedule and retention period in line with other applicable laws.
This right provides you with the ability to ask for transfer of his or her personal data. As part of such request, you may ask for his or her personal data to be provided back to you or transferred to another controller. When doing so, the personal data must be provided or transferred in a machine-readable electronic format.
Any questions relating to our ‘Data Processing’ activities should be sent by
email to
gdpr@greentornado.co.uk
or in
writing to Green Tornado, Victoria House, 2 Britannia Road, Brentwood ,
Essex, RM14 5LD. Alternatively, you can call us on 01277 849161.
If you have any questions or would simply like to discuss a new project, feel free to get in touch by clicking below. Alternatively, you can call us on 01277 849161.
Victoria House,
2 Britannia Road
Brentwood,
Essex
CM14 5LD
Looking for great service and affordable web design, Green Tornado can meet your needs. We’re here to help you grow your business – no matter how big or small.
Address :
Victoria House,
2 Britannia Road,
Brentwood,
Essex,
CM14 5LD