WHAT IS GDPR?
GDPR is a data protection law which came into full effect on 25th May 2018. It sets out the main principles of data protection and the responsibilities organisations have when they handle personal data. It protects individuals’ personal information and improves their control and how it is collected, stored, shared and used.
Athena 9 LTD is subject to the new GDPR regulations and we need to let you know what personal information we hold about you and why, and what your rights are. Our details are:
Organisation Name: Athena 9 LTD
Address: 42-44, Nottingham Road, Mansfield, Nottinghamshire, NG18 1BL
Telephone Number: 07906022991
Email Address: firstname.lastname@example.org
Website Address: www.athena9.com
IF YOU HAVE ANY ENQUIRIES RELATING TO GDPR, THEN PLEASE CONTACT ME BY ONE OF THE ABOVE MEANS.
THE PURPOSE OF PROCESSING INFORMATION WE HOLD:
The purpose of holding and using information we retain is simple; we only use your personal data for contacting you with regards to: 1. Our business relationship, or 2. to any project which we are (or may potentially be) working on together. I may also use your information to send you any communication which may be of interest. When you either phone, email or text me, I would hold this data to help me formulate a response to you. In other words, this is used for related support or another related service support.
In the event that I need to share your data it will be in the usual course of business between us, i.e., sharing your address for a print delivery for example.
LAWFUL BASIS FOR HOLDING AND USING YOUR PERSONAL INFORMATION:
The lawful basis under which I hold and use this information is “our legitimate business interests”, i.e. my requirement to supply you with a full and proper service, whether it is consultancy, coaching or training or if you contact me by phone, email or text so I can provide you with the best possible support.
WHAT INFORMATION I HOLD AND WHAT WE DO WITH IT:
In order to provide you with a service, I have to ask for and keep information about you. I will not use this information for any other purpose (except as required for legal purposes) without your prior consent. The information I would hold is:
• Your contact details, i.e. name, telephone number, postal address and email address.
• If relevant, a record of any contact with you.
I may retain this information in respect of you having an on-going project, to provide you with support, or to send communications which may be of interest to you.
Our website does not require you to input personal data to use it. You may however volunteer personal data such as your name and email address to request information, updates and our services. That information is required to deal with your query appropriately.
HOW LONG WE KEEP YOUR INFORMATION:
Your information is held on our system while you have a business relationship with us. If you wish at any point for your details to be deleted, please notify us and we will remove your records. Any invoices will however be kept on file in the usual course of business.
I am committed to ensuring that your personal data is secure. In order to prevent unauthorised access or disclosure, I have in place appropriate electronic/technical and manual security procedures to safeguard and secure the information collected from you.
My computer, tablet and smart phone are password secure, and our invoicing system can only be accessed by myself.
DATA PROTECTION BREACH OF SECURITY:
A personal protection data breach is a security incident affecting the confidentiality, integrity or availability of personal data, whether caused deliberately or accidentally. In the event of this happening by law the ICO must be notified where there may be a risk to the rights and freedoms of individuals. I will do this by calling the ICO helpline on 0303 123 1113. The ICO will help me decide if I have to contact you the subject matter regarding it.
GDPR GIVES YOU THE FOLLOWING RIGHTS:
The right to be informed: to know how your information will be held and used (this notice)
The right of access: to see my records of your personal information, so that you know what is held about you and can verify it.
The right to rectification: to tell me to make changes to your personal information if it is incorrect or incomplete.
The right to erasure (also called “the right to be forgotten”): for you to request me to erase any information I may hold about you if you ask me not to hold this anymore.
The right to restrict processing of personal data: you have the right to request limits on how I use your personal information.
The right to data portability: under certain circumstances you can request a copy of personal information held electronically so you can reuse it in other systems. (Probably not applicable as I do not intend to store information electronically).
The right to object: to be able to tell me you don’t want me to use certain parts of your information, or only to use it for certain purposes.
The right to lodge a complaint: this would be to the Information Commissioner’s Office (ICO). To be able to complain if you felt your details are not correct, if they are not being used in a way you have given permission for, or if they are being stored when they don’t have to be.
OTHER SHARED PERSONAL INFORMATION:
Any shared personal information for any work that we undertake for you will, as you would expect, be kept confidential in the same way that your own information is protected. All our emails are held on a Microsoft secure server.