Our General Data Protection Regulation (GDPR) preparation started in June 2017 and as part of this process we have reviewed (and updated where necessary) all our internal processes, procedures, data systems and documentation to ensure that we are GDPR compliant.
OUR GDPR PRINCIPLES ARE:
- Data is processed fairly and lawfully
- Data is processed only for specified and lawful purposes
- Processed data is adequate, relevant and not excessive
- Processed data is accurate and, where necessary, kept up to date
- Data is not kept longer than necessary
- Data is processed in accordance with an individual’s consent and rights
- Data is kept secure
Data is not transferred to countries outside of the European Economic Area.
The information given to ourselves by our customers will consist of Name, Address, Contact Numbers, Email Address, Date of Birth, Bank Details, Type of Business, position within the Company.
Even though this list is not exhaustive there will also be further information disclosed, details of which are outlined in our Trade Credit and Self Build Applications forms, which are available to download from our website www.lbsbm.co.uk.
This information is stored in secure files and within our IT system that has the relevant and adequate security measures in place to actively protect our customer data.
USE & STORAGE OF INFORMATION
Information given to us by our customers is used in conjunction with applications for trading accounts with our business. This allows our Company to make commercial decisions on the viability of being able to identify applicants to provide them with credit purchase facilities for materials our business supplies.
We will make a search on the information you have provided with a Credit Reference Agency, which will keep a record of that search and will share that information with other businesses. In some instances we may also make a search on the personal file of principal Directors. Should it become necessary to review an account, then again a credit reference may be sought and a record kept. We will monitor and record information relating to your trade performance and such records will be made available to Credit Reference Agencies who will share that information with other businesses when assessing applications for credit and fraud prevention.
Our IT system that stores information will continue to be Cyber Essentials certified.
The LBS Group of Companies has formed a GDPR Committee, who will regularly review the systems in place to ensure not only compliance but that they are improved in line with regulation and best practice.
Training needs of staff in relation to the new data protection regulations will also continue to be reviewed by the Company.
If, at any time, you wish for your information to be removed or changed, or your communication preferences be amended, please contact the GDPR Committee at firstname.lastname@example.org.
CONTACT & FEEDBACK
Should you wish to raise any questions or provide us with feedback on our website or this Policy, then please contact the GDPR Committee at email@example.com.
Policy Revision: May 2019