Collection of Personal Data
If you are a supplier we need to collect and store some personal data about you and/or your employees in order to conduct our business with you and fulfil contractual obligations. This usually includes name, email address, phone number, VAT number and bank account details for payments. We store and process this data on the basis of “legitimate interest” and “contract” i.e. so that we purchase services from you, process payments to you, fulfil financial reporting/audit obligations and make contact when the need arises.
We collect this data directly either by:
- You contacting us by phone or email
- Us contacting you, either by phone or email
Use and Sharing of Your Personal Data
We will only use your personal data for the purpose for which it was provided to us. Unless you specify otherwise, we may share your information with any of our group companies.
Your data may be stored on hosted systems, provided by third parties (“data processors”). Any such third parties will only use your data in support of our services to you and for no other purpose. Your data will never be sold on to any third party.
Duration of Storage
We will hold onto your data for as long as there is a continued legitimate interest. If we have not had meaningful contact with you for a period of 2 years we may delete your personal data from our systems unless there is a legitimate reason for retaining it – e.g. Revenue records, any anticipated litigation, etc.).
Security of Your Data
Whenever we store or process your information, we will ensure that we always keep your Personal Data rights in high regard. We implement appropriate technical and physical policies to ensure, in so far as we can, that your data is kept safe.
Any printed data that we have is stored in a physically secure manner.
While we take all reasonable measures to ensure that your data is safe, we cannot guarantee 100% security. In the event of a data breach we will conform with the GDPR and report any breach that is likely to result in a risk to your rights and freedoms to the Data Commissioner and where the data breach is likely to result in a high risk of adversely affecting your individual rights & freedoms, the breach will be reported to you directly.
Updating or Viewing Your Data
You can send us updates relevant to our mutual business at any time so that we can keep our records up to date and accurate. You can contact us at email@example.com or in writing to our postal address in the Contact Us section of our website.
If you want to know what data we hold about you, you can request access to that data – this is known as a Data Subject Access Request. We will grant such requests in a timely manner and at the latest, within one month of receipt of the request. In limited circumstances we may decline your request but will explain why we have declined. You will be required to identify yourself before we can grant such a request.
Removing Your Data
If you no longer want Allagi to keep your personal data, we will remove it on receipt of a written request, where one of the following grounds applies:
- the personal data is no longer necessary for the purpose which we originally collected or processed it for;
- you withdraw consent previously given
- you object to the processing of your data, and there is no overriding legitimate interest to continue this processing;
- your data is being processed for direct marketing purposes and you object to that processing;
- your data has been processed unlawfully
- we have to delete your data to comply with a legal obligation.
You can write to us to request removal at firstname.lastname@example.org or to our postal address in the Contact Us section of our website. You will be required to identify yourself before we can grant such a request.