GDPR Privacy Notice
Following the introduction of The General Data Protection Regulation (GDPR), this updated Privacy Notice details how Olympus Technologies Ltd. controls and processes personal data, and how it seeks to give our customers and suppliers more control over how their data is used.
What we hold?
As a supplier, we only hold personal data about you and your company that is necessary for carrying out our normal business activities. This information may include names, work addresses, email addresses and other work and personal contact information as provided to us by your company, in relation to the efficient handling of your relationship with us.
Why we need it?
We need to know your personal data in order to effectively operate our business and work with your company.
How we store it?
We may store your personal data in the following places:
- Paper filing systems
- Secure electronic documents (Microsoft Office, local and hosted email systems, CRM system)
Our IT systems
Our IT system has been audited and staff trained on the GDPR regulations to ensure understanding and compliance. Some data is stored on Microsoft Office 365, a system which is operated and protected by Microsoft in the USA.
What we do with it?
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process. Our company does not transfer your data out with the European Union, unless we are exporting products to countries outside the EU, in which case, data will be shared with them as required. We only work with reputable companies and partners.
The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data.
How long do we keep it?
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our business relationship with you. If our business relationship ends, we will retain your details for 3 years then delete them from our records. However, where our equipment is still operating within the customer, we are required to keep all relevant information relating to the equipment in case we are re-engaged to support the equipment.
What are your rights? (Right to be forgotten)
If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, please email email@example.com to investigate the matter.
If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
As you hold data for our company we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Any queries or issues relating to data will be dealt with by contacting a Director on 01484 514513 or email firstname.lastname@example.org