GDPR Information

What is GDPR?

GDPR is Europe’s new framework for the data protection laws and now replaces the previous 1995 data protection directive. GDPR has been designed to harmonize data protection laws and to give an overall greater protection and rights to businesses and customers of the public. The General data protection regulation came into force in May 2018 in the UK; this is one of the biggest changes to the data protection laws.

Green Plan-It limited take the collection and management of sensitive data extremely seriously. In alight with the latest GDPR regulations all procedures have been reviewed, only necessary information that is collated is then stored to the highest of standards..

Personal Data 

Any information related to a natural person or data subject that can be used directly or indirectly for identification, the following are examples that are protected in relation to GDPR :

• Names
• Personal photographs
• Email and postal addresses
• Medical information

The information shall be retained on agreements, email or verbally. Personal data is processed lawfully, fairly, and transparently, without adversely affecting any rights.

Data Control 

The GDPR applies if the data controller (i.e. the business or organisation that collects data) or the data processor (i.e. the business or organisation that processes data for the controller) or the data subject (person who the data refers) is based in the EU. Even if a controller or processor is based outside of the EU, the GDPR will still apply if they’re collecting or processing data relating to people who live in the EU.

Under the GDPR controllers must ensure that personal data is processed lawfully, transparently and for a specific purpose, after which – if the data is no longer required – it must be deleted.

The GDPR will apply to all businesses that store and process personal data of subjects living in the EU. So, UK companies collecting or processing personal data must comply with the GDPR. According to the ICO: “The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.” Even after the UK leaves the EU, UK firms collecting or processing the personal data of people living in the EU will have to comply with the GDPR.

Data Removal 

We are devoted to protect the privacy of all our clients. Green Plan-it provides secure destruction services for paper documents, hard drives and electronic media, and issues a Certificate of Destruction after every shred.  We don’t hold any personal information for longer than necessary and we use only for the purpose it was originally collected for.

Under the GDPR regulations, clients and customers have rights over the collection of data, this includes:

• Check or challenge automated decision making and profiling.
• Access to personal data via a Subject Access Request.
• Restrict processing of data where information is inaccurate or there is an objection to the lawfulness of the processing.
• Deletion of data where there is no lawful reason for its continued processing.
• Object if no legitimate reason exists for the processing of data.
• Rectification of personal data if inaccurate, incomplete, or out of date.
• Be informed about personal data being held and processed.

Data Usage 

The information collected is only ever used for the purpose of completing the work requested at that time or work completed in the future.

Security

All information retained by Green Plan-it Limited is stored securely at our head office depot in Leicestershire. We aim to make sure we are fully compliant with GDPR standard. All staff that requires access to any data is fully aware of GDPR regulations and understand the current process and procedures.

Please Contact Our Office For More Information

We are available Monday and Friday from 8am-5pm.
Head Office: 0800 085 4008
Enquiries Team: enquiries@greenplan-it.co.uk