GDPR Privacy Notice
Following the introduction of The General Data Protection Regulation (GDPR), this updated Privacy Notice details how Olympus Technologies Ltd. controls and processes personal data, and how it seeks to give our customers and suppliers more control over how their data is used.
What we hold?
As a supplier, we only hold personal data about you and your company that is necessary for carrying out our normal business activities. This information may include names, work addresses, email addresses and other work and personal contact information as provided to us by your company, in relation to the efficient handling of your relationship with us.
Why we need it?
We need to know your personal data in order to effectively operate our business and work with your company.
How we store it?
We may store your personal data in the following places:
- Paper filing systems
- Secure electronic documents (Microsoft Office, local and hosted email systems, CRM system)
Our IT systems
Our IT system has been audited and staff trained on the GDPR regulations to ensure understanding and compliance. Some data is stored on Microsoft Office 365, a system which is operated and protected by Microsoft in the USA.
What we do with it?
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process. Our company does not transfer your data out with the European Union, unless we are exporting products to countries outside the EU, in which case, data will be shared with them as required. We only work with reputable companies and partners.
The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data.
How long do we keep it?
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our business relationship with you. If our business relationship ends, we will retain your details for 3 years then delete them from our records. However, where our equipment is still operating within the customer, we are required to keep all relevant information relating to the equipment in case we are re-engaged to support the equipment.
What are your rights? (Right to be forgotten)
If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, please email email@example.com to investigate the matter.
If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
As you hold data for our company we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Any queries or issues relating to data will be dealt with by contacting a Director on 01484 514513 or email firstname.lastname@example.org
Call Recordings Privacy Notice
This privacy notice explains how we use recordings of phone calls within Olympus Technologies
When a call is recorded, we collect:
- a digital recording of the telephone conversation
- the telephone number of both parties (internal and external)
Telephone call recording will be turned off, when a customer’s credit or debit card details are given, in line with Payment Card Industry Data Security Standards (PCS DSS) and data protection legislation including General Data Protection Regulations (‘GDPR’).
Using personal data
Call recordings will be used:
- To assist in the quality monitoring of staff performance
- To investigate and resolve complaints
- For the detection, investigation and prevention of crime (including fraud)
- To take actions to protect staff from abusive callers
- To ensure the Olympus Technologies is able to monitor and adhere to quality standards
All call recordings are held on a secure system. Only a director of the company may request a copy of a call through a prescribed form for a specific reason.
Sharing data under Data Protection legislation
We may be required or permitted, under Data Protection legislation, to disclose a call recording including your personal data without your explicit consent, for example if we have a legal obligation to do so, such as for:
- Law enforcement
- Fraud investigations
- Regulation and licencing
- Court proceedings
Retaining personal data
Recordings are kept securely and confidentially. They will be deleted after one year unless there is an explicit reason to retain the data, such as a legal dispute.
Your rights relating to personal data
Please see details about your rights under the new data protection legislation introduced in May 2018.
We will keep the call Recording Privacy Notice under review with an annual review.
Version Two: 4 November 2019