General Data Protection Regulation GDPR Policy

Toby

GDPR and Privacy Statement 

General Data Protection Regulation (GDPR) will come into force on 25 May 2018. The new laws aim to update the current Data Protection Act, increase the privacy protection of all UK and EU citizens and reduce the risk of data breaches. It will apply to all public and private organisations processing personal data. 

Toby Electronics Ltd is committed to the privacy and security of all individuals personal data which we hold and will only process and retain the information under the following circumstances. 

Customers and suppliers – Contact names and emails shall be held for relevant individuals required for the completion and support of contracts between a customer and Toby. Contact data may be shared with suppliers or subcontractors involved in the completion of a contract where they require direct contact but only if the recipient of the data is also GDPR compliant. The data will be held until the supply and support of a contract is completed. 

Employees – Personnel details shall be held for current and past employees required for the legal requirements of the HR and Accounts departments. The data will be held for a duration in line with the current legal guidelines set out by HMRC and HSE. 

All data is stored on secured premises with 24hr surveillance, Servers and Computers are secured with Enterprise Grade Security Systems and encryption. 

Toby will only hold personal details for the purposes outlined; we will never pass your details onto a third party without your permission. 

Any queries about GDPR compliance or requests for what data we hold on an individual should be made to Steve@toby.co.uk

Click here for PDF document