GLP Consulting Engineers Ltd understand that your privacy is important to you and that you care about how your personal data is used and shared. We respect and value the privacy of everyone who visits our website, www.glpartnership.co.uk, existing clients who we deal with on a day-to-day basis via email and telephone and new prospects as well as future clients. We will only collect and use personal data in ways that are described here, and in a manner, that is consistent with our obligations and your rights under the law.
GLP Consulting Engineers Ltd are Mechanical and Electrical Design Consultants.
Our registered address and head office is Unit 5, Howarth Court, Gateway Crescent, Oldham Broadway Business Park, Chadderton, Oldham, Lancashire OL9 9XB.
Our Company number is 667945.
Our VAT Registration number is GB 794 842576
Our Contact telephone number is 0161 681 7070
Our email address is firstname.lastname@example.org
WHAT DOES THIS POLICY COVER?
As a data subject, you have the following rights under GDPR, which this policy and our use of personal data have been designed to uphold.:
The right to be informed about the collection and use of your personal data.
The right of access to the personal data we hold about you.
The right to rectification if any personal data we hold about you is inaccurate or incomplete (Please contact us by using the data protection officer contact details at the end of this document).
The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you. (Note: We only hold your personal data for a limited time, but if you would like us to delete it sooner, please contact us by using the data protection officer details at the end of this document.
The right to restrict (i.e. prevent) the processing of your personal data.
The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation).
The right to object to us using your personal data for particular purposes.
If you have any cause for complaint about our use of your personal data, please contact us using the details provided at the end of this document for the data protection officer and we will do our best to solve the problem for you.
WHAT DATA DO WE COLLECT?
We only collect information which has been given to us by yourself or by a third party involved with us on specific projects where your information is relevant. Depending upon your involvement in our projects we may collect and hold some or all of the following personal and non-personal data
Personal Address (If you work from home or need us to hold your personal address
Business General Email Address
Personal Business Email Address
Business General Phone Number
Personal Business Phone Number/DDI Number (if relevant)
Personal Home Phone Number (Only if you work from home and require us to have this)
Business Mobile Number
Personal Mobile Number (Only if you require us to have this)
WHY DO WE NEED YOUR DATA AND HOW DO WE USE IT?
We need to know basic personal data in the form of personal email addresses and direct phone numbers/mobile numbers in particular, to allow us to provide you with a quick and accurate service and fast response. We will not use your personal information for anything other than the business and projects we are working on with you.
We will not collect any personal data from you that we do not need in order to provide and oversee our services to you.
All data, including personal data, is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the GDPR at all times. For more details on security see our section on “How we store your data” below
Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:
* Providing and managing your Account;
* Supplying our services to you (please note that we require your personal
email address and contact number in order to enter into a contract with you);
* Personalising our services for you
* Replying to emails from you
* Supplying you with information on a day to day basis relevant to our
projects and general business between us.
With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email with information and news on our services from time to time. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Your data may need to be shared from time to time with third parties (including Architects, Clients, Contractors and Suppliers relevant to the project/s we are working on with you, in order to ensure we provide you with the best service possible. Any of our third parties whose content may appear on our website may use third party Cookies, as detailed below. Please note that we do not control the activities of such third parties, nor the data they collect and use and advise you to check the privacy policies of any such third parties.
All the personal data we use is controlled by GLP Consulting Engineers Ltd in the UK. This information is located on servers within the UK also. No third parties can gain direct access to your personal data unless the law allows them to do so. We have a Data Protection regime in place to oversee the effective and secure processing of your personal data.
You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it. We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected.
HOW AND WHERE DO WE STORE YOUR DATA?
We only keep your personal data for as long as we need to in order to use it as described above and/or for as long as we have your permission to keep it.
Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure any data we hold.
Steps we take to secure and protect your data include:
* All servers protected with firewalls.
* Only authorised users have access to data.
* All access to the data is logged.
* All personal information is maintained in encrypted format.
* All mobile devices (those which leave our offices) containing personal data
are suitably encrypted.
We are required to keep your basic personal data, such as name, address, contact details and project details including fees and invoicing for a minimum of 7 years after the termination of your Agreement at which time it will be destroyed. The information used for marketing will be kept with us until you notify us that you no longer wish to receive this information. Please note, that in accordance with our PI Insurance, we are required to keep full records of any projects and correspondence between the persons working on those projects for 12 years.
SECURE STORAGE OF EMAIL DATA
All our emails are stored in Microsoft Office 365. No email will sit in any of our general or specific director/employee’s inbox for longer than 2 hours after receipt. After this time they are stored securely in Project Folders. This information will remain within the project file until the project comes to an end at which point the project file is securely archived and password protected. Information will be kept in these archived files for a minimum of 12 years in accordance with our PI Insurance.
Through Microsoft Office 365, we are also able to remotely manage emails that have been downloaded onto phone / tablets / etc, so in the event of a device being stolen or lost, we can secure that data very quickly.
SECURE STORAGE OF FILES AND FOLDERS
We have company folders which are stored on an internal network storage device. These files are encrypted so they cannot be accessed without an appropriate username and password. They are backed up into the Microsoft OneDrive for Business Cloud, which is also secured and encrypted end to end. We also require to hold on to this data for a minimum of 12 years in accordance with our PI Insurance.
All laptops, mobile devices and USB sticks used to transport client data (this happens rarely, if ever), are all secure and encrypted.
Only authorised personnel within the company are allowed passwords to access files and password changes are forced every 12 months. Should a member of staff leave the company, passwords are changed automatically to ensure security, regardless of the 12 months rule above.
DO WE SHARE YOUR DATA?
We may share your data with other companies relating to projects we are working on with you. This includes Clients, Property Investors, Architects, Contractors and Suppliers.
While it is unlikely, in certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.
We may sometimes contract with third parties to supply products and services to you on our behalf. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
In the unlikely event we would need to transfer any personal data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR
WHAT HAPPENS IF OUR BUSINESS CHANGES HANDS?
In the event that any of your data is to be transferred in such a manner, you will not be contacted in advance and informed of the changes. When contacted you will however, be given the choice to have your data deleted or withheld from the new owner or controller.
HOW CAN YOU CONTROL YOUR DATA?
In addition to your rights under the GDPR, when you submit personal data to us you can advise us to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may inform us of at any time).
YOUR RIGHT TO WITHHOLD INFORMATION
We will only ask you to provide information which is relevant to the project we are working on with you and which allows us to work efficiently for the good of the people involved and the project itself. You will never be asked for personal data which is anything more than direct email address or phone number. Should you work from home we would need a suitable contact address, phone number or email. Should this be your private home details these too will be kept securely on our system and will never be divulged to a third party without your prior consent.
HOW CAN YOU ACCESS YOUR DATA?
You have the right to ask for a copy of any of your personal data held by us (where such data is held). Under the GDPR, no fee is payable and we will provide any and all information in response to your request free of charge. Please contact us for more details by using the contact details below.