In light of the new EU General Data Protection Regulation (GDPR), which took effect on 25 May 2018, we would like to provide you with certain information about the personal data we hold within our systems.
The following actions are complied with when processing personal data:
- Data is processed fairly and lawfully
- Data is processed only for specified and lawful purposes
- Processed data is adequate, relevant and not excessive Processed data is accurate and, where necessary, kept up to dateData is not kept longer than necessary
- Data is processed in accordance with an individual's consent and rights Data is kept secure
- Data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection.
Personal Data is obtained from one or more of the following:
- Visits and use of the Company websites
- Use of social media Use of Google Analytics
- Attendees of corporate CPD’s and webinars hosted by Kemmlit UK
- Requests for information about products and services offered by Kemmlit UK, and/or quotes Employment enquiries Information to facilitate the completion of an order.
Lawful basis of processing data
The lawful basis of processing of data will always be determined prior to any data being processed. Kemmlit UK processes personal data under one, or more, of the following lawful bases in accordance with GDPR:
- Consent – the individual has given their Consent to the processing of their personal data
- Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for Kemmlit UK to take pre-contractual steps at the request of the individual
- Legal Obligation – processing of personal data is necessary for compliance with any legal obligation to which Kemmlit UK is subject to.
Why personal data is collected
Personal data is collected by Kemmlit UK to provide legitimate business services which include:
- For Marketing purposes
- For us to review and reply to your enquiry
- To meet our statutory monitoring and reporting responsibilities;
- To handle and communicate orders, billings and payment, delivery of products and services For employment reasons.
How long personal data is stored
Kemmlit UK review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal data on our systems for as long as is necessary for the relevant activity, or as long as required to cover any guarantee period of the products you may have purchased.
Who has access to your personal data
Only Kemmlit UK and other group employees are granted access to customer data. This is ensured by the use of strict operational processes and procedures
Relevant staff are trained on security of systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose.
Personal data provided via the Company’s portals is secured using Secure Socket Layer (SSL) server and is encrypted before being transmitted. Secure pages have a lock icon or key on the bottom of web browsers such as Microsoft Internet Explorer, information supplied by you on these webpages is securely stored and can only be accessed for the purposes for which it was provided.
Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure it is secure on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We will not sell or rent your information to and trading company outside of the group.
Third Party Service Providers working on our behalf we may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to ourselves or you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party including for a merger, acquisition, or similar transaction or as part of any restructuring or reorganisation.
We may also further transfer data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
How your personal data is used
- Process orders, process a request for further information, to maintain records and to provide pre and after-sales service.
- Pass to another organisation to supply/deliver products or services you have purchased and/or to provide pre or after-sales service.
- Carry out our obligations arising from any contracts entered into by you and us
- Comply with any legal requirements
- Maintaining our list of business contacts.
- Seek your views or comments on the services or products we provide
- Notify you of changes to our services Send you communications which you have requested and that may be of interest to you. These may include information about product updates, events, webinars and CPD events
- Process a job application