This policy is based on the Data Protection Act 2018 and the UK General Data Protection Regulation (“UK GDPR”) of 1st January 2021. This policy is not intended as a definitive statement of the application of all applicable data privacy laws; instead it acts as a general framework of best practice, setting out the principles of data privacy adopted within Techniglaze to assist in the application of this Policy.
This Policy applies to all Employees of Techniglaze Ltd, its supply chain partners and/or indirectly employed persons and/or sub-contractors. It is the responsibility of all those to assist Techniglaze Ltd to comply with this policy and they should familiarise themselves with this policy and apply its provisions in relation to all processing of personal data.
Personal data is any information relating to an identifiable person who can be directly or indirectly identified by reference to specific identifiers. In order to operate its business effectively, Techniglaze Limited requires certain types of information from customers, suppliers and employees; this includes names, bank details, email and postal addresses and telephone numbers. For employees, we also keep National Insurance numbers, dates of birth and marriage, and emergency contact information.
The information obtained from customers and suppliers is used internally for financial and operational reasons to fulfil our contractual obligations but not for purely marketing purposes, For employees, the information obtained is used for payroll and pension functions.
Information obtained from customers, suppliers and employees is never shared with third parties, except as required by law or for other legal purposes. Recipients may include HMRC and other Government Departments, local authorities and the Company’s auditors, as appropriate.
Information is stored electronically and securely on our server for customers, suppliers and employees, with limited role-specific access by Techniglaze Limited staff.
Paper copies of employee information are also stored securely by the Payroll Department for payroll purposes. The server operates a RAID duplicated hard drive system and we also carry out a daily encrypted backup. All computers are password protected, with additional password protection on data-handling programs.
Information is kept for the duration of the business relationship and/or a minimum of the legally required period, currently 6 full years in the case of customers and suppliers. Employee information may be kept longer for insurance and pension purposes. All credit card details are securely destroyed immediately after payment has been taken.
You have the right of access to your personal information held by us without charge. You may request the removal of personal information from our database, subject to legal and contractual requirements, by contacting our Data Controller at the above address.
