Technisys Security Ltd
Conforming to the General Data Protection Regulation (GDPR)
Data held, what information do we hold?
- Customer names
- Customer addresses
- Customer telephone numbers
- Customer e-mail addresses
- Property layouts (where applicable)
- Current property security (where applicable)
- Engineer codes and passwords to systems
- Remote access login’s to security systems
We do not hold personal data such as date of birth.
We do not hold Special category data.
Why do we hold this information?
We hold the information to provide a service.
Contact details are held to communicate with the customer. As we are a service-based business and have on going relationships with the customer to enable them to have their security systems working to the correct standard. Not holding the information would mean that the customer would not be informed when servicing is required, critical firmware or software updates are needed to be install or product recalls need to be actioned.
What financial information do we hold?
We do not hold any financial information from our customers. Customers pay by card in person, cheque, bank transfer and on rare occasions cash.
Who do we obtain customer data from?
We usually obtain the information from the customer first hand via a telephone or web enquiry. If the customer telephones and requires a visit then we will obtain either a name and telephone number or full verbal contact details which we write down. If by email the customer usually make an enquiry and leaves a contact number or expects an emailed reply. Full contact details are disclosed during a telephone or email conversation.
Where do we store your information?
We hold customer information in paper format and digital formats.
- Paper formats, quotations, survey forms, service dockets and completion documents are held suspension files using the customer name or address as the identification in a locked filing cabinet.
- Digital formats are stored on computer Hard disk drives and portable backup drives which are locked away and never removed from the office contain, they quotations, survey forms, service dockets and completion documents. Customer history spreadsheets and databases.
- Cloud Storage, such as Microsoft One Drive is kept to a minimum and not used for customer details on a permanent basis. We may use the cloud storage for temporary access to documents on a laptop.
- Accounting, We hold invoice and quotations containing names and addresses on our cloud accounting software.
How long do we keep the data for?
We will keep the information for as long as the customer remains a customer or until notified that we can no longer retain it.
If asked to delete the data then all survey forms, maintenance dockets, Emails, texts quotations and contact data will be destroyed.
Invoices will be held for the current accounting period plus six years to comply with HMRC policy’s.
Customer Data rights
Customers have the following rights
- The right to be informed – Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR
- The right of access – individuals have the right to access their personal data and supplementary information. The right of access allows individuals to be aware of and verify the lawfulness of the processing.
- The right to rectification – If the customer requests that their data requires updating then this should be carried out in every location that the data is held
- The right of erasure – The customer has the right for all information about them to be deleted
- The right to restrict processing – The customer has the right to order the information not be used but retained for future use or evidence.
- The right to data portability – The customer has the right to have all relevant documents handed to another company with in reason.
- The right to object – The customer has the right to object to certain information passed on to them
- The right not to be subject to automated decision making including profiling – The customer has the right for a human to consider outcomes rather than a computer. Technisys Security Ltd does not use automation for final decisions.