New data protection regulations came into force on 25 May 2018.
Quantech Environmental Limited is a private limited company established in 1989 and offers design, installation and maintenance of air conditioning systems and associated building services.
The new Regulation applies to personal data which is defined as any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Principally, we deal with corporate clients and any personal data we hold relates to core business purposes only, comprising staff administration, marketing and accounts and records. We shall only process personal data in a manner that is compatible with GDPR seeking to ensure that we handle such data fairly and lawfully. We protect your personal data using technical and administrative security measures such as firewall and virus-checking software.
For clients and potential clients and for our suppliers and sub-contractors, personal data may be collected from you and any devices you use when such data is provided either offline or on a web form or when information is updated or added to your account.
Depending upon the exact circumstances, examples of personal data would include:
The company does not operate outside the UK.
The company does not process data by automated individual decision-making.
The company’s Data Controller is Keith Crossley. To exercise all rights, queries or complaints, individuals should contact [email protected] He is responsible for identifying the lawful basis for our processing activity relating to personal data and when we answer a subject access request. All members of staff have been made aware of the GPDR implications in terms of their data processing and access is restricted so that only people who need to process personal data to carry out their work shall have access to that data. Procedures are in place to effectively detect, report and investigate a personal data breach.
We do not sell or trade personally identifiable information. We do not transfer personally identifiable information other than to trusted third parties on a confidential basis who assist us in operating our website, conducting our business or servicing you. Information may also be released which we believe is necessary to comply with the law.
The legal basis for processing personal data will normally be by consent of the data subject which must be freely given, specific, informed and unambiguous. In other circumstances, processing may be essential to the performance of a contract or is required to enter into a contract of employment or processing bank and salary information for payroll purposes. Sharing of personal data will be involved in dealings with HM Customs and Excise and with clients who restrict access to their sites for security reasons.
Personal data will be retained for as long as reasonably necessary to provide the services you have requested , to comply with our legal obligations, to resolve disputes or in accordance with statutory requirements or recommendations (for example, the default HMRC 6 years + current).
You have various rights under GDPR including:
If you feel that your data has not been handled correctly or you are not happy with any response we may have given to requests made to us, you have the right to complain to the Information Commissioner’s Office which is now the UK’s Supervisory Authority on 0303 123 1113.
25 May 2018