Firma-Chrome Ltd are a Business-to-Business service provider in the Metal Finishing industry.
To do business with customers we must hold certain information about them. Our preferred format for data storage will always be non-personal (firstname.lastname@example.org) however we recognise that some information we hold may be deemed personal (Richard@example.com). Whilst we have recently audited and minimised our records, we cannot avoid some personal information being held.
We recognise our responsibilities as a Data Controller and your rights as an individual, for customers, suppliers and employees under the General Data Protection Regulations (GDPR) 2018.
Our employees are informed and have given consent for the data we hold on them.
This notice is to clarify to Customers, Suppleirs and Business Associates how we manage any personal information we hold on an individual.
Personal Data we WILL STORE may include: Personal e-mail address, phone number, business address, bank details or similar.
Personal Data we DO NOT STORE include: Ethnicity, religion, political opinion or health information.
In all cases we will minimise the information stored and our policy includes the following aspects:
- All information will be stored securely and access restricted.
- We will not share any information with third parties except where we are legally obliged to do so.
- We recognise business transactions (including enquiries and emails) as Legitimate Interest and as just cause to hold data.
- An individual has the right to see the data we store on them by request. We will facilitate this by through our appointed Data Protection Officer.
- An Individual has the “right to be forgotten”. There is a facility to instruct us at the bottom of this page.
- All digitally stored and transmitted data is password protected or encrypted.
- We will periodically review stored personal data and will not keep any information longer than necessary.
Should we become aware of a breach of our system our Data Protection Officer is instructed and trained to report that breach and implement all actions in line with GDPR.
Our full Policy is available on request.