PRIVACY POLICY
The Workplace Noise Assessment Company Ltd, (hereafter “the Company”), honours the rights of its employees, customers and other users, including website visitors, to privacy and data protection. The Company is fully committed to complying with the provisions of all applicable Data Protection legislation and regulations such as Data Protection Act and EU GDPR. This Privacy Policy describes how the Company collects, uses, shares, and retains personally identifiable information provided by users of this website. The policy will be continuously assessed against new technologies, business practices, regulatory changes and the evolving needs of the Company and the services provided by the Company.
The Workplace Noise Assessment Company Ltd is registered with the Information Commissioners Office, the UK’s Data Protection Authority.
Data Controller
The data controller for all personal data collected via this website is The Workplace Noise Assessment Company Ltd. with its registered office at 45 Green Lane North Duffield, Selby, North Yorkshire, YO8 5RR. This means that we are responsible for deciding what data we collect and how we hold and use your personal data.
Data Collection
The Company collects and maintains a variety of personally identifiable information, including names, email addresses, phone numbers, payment information, social media profiles, business addresses and demographic information such as the industry sector of the business. The Company collects information directly from individuals or from the companies of the individuals. The information could be collected through e-mails, phone calls, via our website contact pages and face to face meetings. The Company does not collect personal data about individuals except when there is a legitimate business requirement or when such information is provided on a voluntary basis.
Users should also be aware that non-personal information and data may be automatically collected through the standard operation of the Company’s web servers, and by the use of cookies technology and/or Internet Protocol (“IP”) address tracking.
Purpose of Processing
The personal data collected is used by the Company to give you information in relation to the Company’s services, customer administration, account management with existing customer, to process and respond to queries received and to send marketing communications on the Company’s behalf. The Company may perform statistical analyses of user behaviour and characteristics to measure interest in and the use of various sections of the website. The personal data held by the Company may also be used to help us to improve the features and content of the website or other marketing material.
The Company will not contact your business for any other purpose other than in the conduct of it’s services and matters arising.
Data retention
The personal data collected is stored in the Company’s data management systems, both paper based and electronic. Personally identifiable information will not be disclosed to any third party except if permission has first been obtained from the users. The data will not be transferred to any other agency.
At regular intervals, we will:
· review the length of time we keep data;
· consider the purposes for which we hold data for in deciding whether (and for how long) to retain it;
· securely delete information that is no longer needed;
· update, archive or securely delete information if it goes out of date.
Security
The Company uses appropriate and reasonable data security measures to safeguard personally identifiable information from unauthorised access and loss. The implemented measures will be appropriate to the type of information maintained and compliant with all relevant legislation governing protection of personal information. Measures are implemented to preserve the confidentiality, integrity and availability of the personal information. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to only those employees who have a legitimate business need to have access to that data. The employees will process your personal data in accordance with our instructions. They will be subject to a duty of confidentiality and due care with respect to handling the personal data. We will deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Relevant areas of the Company’s website will employ Secure Socket Layer (“SSL”) or Transport Layer Security (“TLS”) encryption technology to enhance data privacy and help prevent loss, misuse, or alteration of the information collected and retained by the Company.
Links to Third-Party Sites
The Company does not provide links to third-party web sites, or advertisements which contain links to third-party sites.
Access, Review and Correction
The General Data Protection Regulations gives you the right to access your personal data held by us (“subject access request”). If you have an established business relationship with the Company, you may request from us a list of the categories of personal information held about you. Subject access requests must be made in writing to the details below. We will endeavour to respond to the request within a reasonable period and in any event within one month as required by the relevant provisions in the GDPR.
It is important that the personal data we hold about you is accurate and current. We will take all reasonable measures to ensure that the personal data we hold about you is accurate. At any time, you may request to review and correct your personal information, should there be any changes to your circumstances or errors in the gathered data. When you make a request to access or review the personal data we hold about you, we will request you to verify your identity before the request can be fulfilled.
Privacy Rights
In addition to the rights of access, review and correction, you have the right to object to your personal data being processed for any particular purpose, or to request that we stop using your information. If you wish to exercise these rights, please e-mail chris@workplacenoise.co.uk; send a letter marked “Data Protection” to the Company’s office at 45 Green Lane, North Duffield, Selby, North Yorkshire, YO8 5RR; or via the contact form on our website.
If you have further concerns about how we use your personal data, you also have the right to make a complaint to the Information Commissioner’s Office (ICO), the data protection authority for the UK. Please visit https://ico.org.uk/ for more details on your data protection rights and how to contact them.
This Policy is effective as of 13th May 2022.