CONFIDENTIALITY/PRIVACY POLICY

The purpose of our Confidentiality/Privacy Policy is to ensure that all staff members and customers are aware how Dorset Windows Ltd deals with the disclosure of personal data
and confidential information and taking into account the new requirements of the General Data Protection Regulation (GDPR) which came into force 25 May 2018.

For the purpose of this policy, relates to obtaining, the retention and transmission of personal, sensitive or identifiable information about individuals or organisations (confidential information), which comes into the possession of Dorset Windows Ltd through its work.

Dorset Windows Ltd holds personal data about its staff, contractors and customers which will only be used for the purposes for which it was gathered, with us or our third-party
suppliers or regulators.

By agreeing to our quotation customers are consenting to their personal data being shared with third parties for the purposes of fulfilling the requirements of the Competent Person Scheme for self-certification under the Building Regulations. Personal data includes title, name, address, phone numbers and email addresses. This data will be used to provide essential documentation and will be retained on files for the lifetime of the guarantees which do not exceed 10 years’.

All personal paper-based and electronic data will be stored in accordance with the GDPR (formally Data Protection Act) and will be secured against unauthorised access, accidental disclosure, loss or destruction, by means of secure access and or password protection. All destruction of personal paper is shredded by our Secure Shredding Service provider on a regular basis. Items to be held longer for regulatory requirements and/or warranty identification with suppliers will be held in a lockable secure storage facility.

All personal paper-based and electronic data will only be accessible to those individuals authorised to have access.

No personal information given to Dorset Windows Ltd will be shared with any other third-party organisation (other than those mentioned above) or used for email marketing without the individuals permission.

 

Confidentiality Policy created July 2013 – Updated 15/9/14 – next review July 2015.
Reviewed May 2015 – no changes.
Updated to include GDPR – 25 May 2018