info@joinerandson.eu
Product has been added to your cart.

GENERAL DATA PROTECTION REGULATIONS POLICY

Introduction The Privacy and Security of Personal Data is extremely important to Joiner and son, and it is our aim to make sure you stay informed and can be confident about giving us your information.

This Data Protection Privacy Policy has been updated to incorporate the General Data Protection Regulations (GDPR), which came into force from 25th May 2018, and explains how and why we use your Personal data, to make sure you stay informed and can be confident about giving us your information.

This Policy explains how Joiner and son aims to ensure that individuals are aware of why we need Personal data how their data is being collected; processed; handled and stored, and that they understand how the data is being used and how to exercise their rights.

Data Protection Law The General Data Protection Regulations are underpinned by important principles:

  • Be processed fairly and lawfully.
  • Be obtained only for specific lawful purposes.
  • Be adequate, relevant and not excessive.
  • Be accurate and kept up to date.
  • Not be held for any longer than necessary.
  • Processed in accordance with the rights of data subjects.
  • Be protected in appropriate ways.
  • Not be transferred outside the European Union (EU), unless that country or territory also ensures an adequate level of protection.

Individual Personal Data Information Collected

Personal “Basic” data is any information which identifies and individual, or which can be identified as relating to them personally. This can include name; postal address; email address; telephone numbers plus any other relevant information relating to the individual’s enquiry.

When an individual makes an initial request for a service from Joiner and son, for example, a quotation; on site works; purchase our products, or communicate with us, it is our Company policy at that point of contact to collect Personal “Basic” data from the individual and any relevant Personal “Sensitive” data an individual may wish to share with Joiner and son, which could have a relevance to the service you require us to provide. This information is then processed onto a Customer Enquiry form.

Joiner and son only collects the Personal “Basic” data that we need from you and is directly provided by yourself.

 

Joiner and son Collects Information for the Following Purpose

Information is required in order for us provide you with a specific service you have requested from Joiner and son, and to communicate with you for example; to provide on-going information or organisational updates in line with your requested service or contract.

We do not buy external data and will not sell or rent your Personal identifiable information to anyone. Joiner and son will only use your Personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulations (GDPR) May 2018/UK Data Protection Act and Privacy of Electronic Communication Regulation.

 

Consent and Purpose

Individuals will need to give clear consent for Joiner and son to process their Personal data for a specific purpose.

Joiner and son does not require your consent for Personal “Basic” information you have directly provided to us, but to ensure transparency Joiner and son will ask you to confirm the details are correct and confirm your consent.

Processing is necessary for the performance of a contract Joiner and son may have with the individual, or because the individual has asked us to take specific steps before entering into a contract.

Joiner and son may ask you to complete a Customer Questionnaire, as part of their ongoing Customer care policy; which includes a request for consent to include photographs of products we have manufactured for you. Photographs could appear on our website; Facebook page; promotional advertising and Joiner and son portfolio. We will not include Customer’s names or addresses for marketing purposes.

 

Data Accuracy

The law requires Joiner and son to take reasonable steps to ensure data is kept accurate and up to date. Customers; Employees; Contractors; Suppliers and other people working on behalf of Joiner and son are requested to advise Joiner and son of any changes in their Personal Data, for example, change of telephone numbers; new email address; change of Bank details, to ensure it is kept as accurate and up to date as possible. Data will be updated as inaccuracies are discovered. For instance, if a customer can no longer be reached on their stored telephone number it will be removed from the database.

 

Sharing Customer Data with Third Parties

We may share Customer’s Personal “Basis” data information with some third parties; to enable Joiner and son to provide you with ongoing organizational updates relevant to the individual overall contract; for example, a supplier or contractor working alongside Joiner and son to fulfill your contract.

 

Sharing Recruitment & Employment Personal Data Information with Third Parties

As well as processing Personal “Basic” and Personal “Sensitive” data, to meet contractual responsibilities, we may also need to process Personal “Special Category” data. In order to comply with the following responsibilities we collect data for the following purposes:

  • Contractual Responsibilities: To comply to our contractual responsibilities Joiner and son collect and process Personal “Basic” data and Personal “Sensitive” data from job applicants and employees. This data can include, payroll; bank account; postal address; sick pay; leave; emergency contacts; maternity pay; pension and known disability, some of which is shared with HM Revenue & Customs and Pension Providers.
  • Statutory Responsibilities: Statutory responsibilities are those imposed through law on Joiner and son as an employer. The data processed to meet statutory responsibilities include, but is not limited to, data relating to tax; national insurance; statutory sick pay; statutory maternity pay; family leave; work permits; equal opportunities monitoring.
  • Management responsibilities: Management responsibilities are those necessary for organisation functions of Joiner and son. The data processed to meet management responsibilities includes, but is not limited to data relating to recruitment and employment; training and development; absence; disciplinary matters; emergency contact; email; address and telephone number.
  • Special Category Personal Data: Joiner and son will only process data about an employee’s health on a lawful basis where it is necessary for example, to pay statutory sick pay. Joiner and son does not process data about an employee’s ethnic origin; politics; religion; trade union membership; genetics; biometrics (where used for ID purposes) or sexual orientation.

Joiner and son will always request your consent to share Personal “Basis” data and Personal “Sensitive” data with third parties.

 

Disclosing Data for other Reasons

In certain circumstances the General Data Protections Regulations allows Personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances Joiner and son will disclose requested data.

Joiner and son will ensure the request is legitimate, seeking assistance from the Company’s legal advisers where necessary.

 

How we keep your Data Secure

Joiner and son ensures that they comply with current legislation meeting its data protection obligations by operating safeguarding procedures. Joiner and son have a Data Protection regime in place to oversee the effective and secure processing of Personal data and it is limited only to those with a strict need to know. All the Personal data we process is processed by a member of staff employed by Joiner and son.

 

Electronic Data Storage & Responsibilities

Joiner and son takes a proactive approach to user privacy and ensures the necessary steps are taken to protect the privacy of its website users throughout their visiting experience to Joiner and son website. We only collect information about your computers’ Internet Protocol (IP) address when you visit our website, through a technology called ‘cookies’ using the freemium web analytics service offered by Google that tracks and reports website traffic. Joiner and son ensures that they comply with current legislation meeting its obligations by operating safeguarding procedures. When Personal data is stored electronically it is protected from malicious hacking attempts by using approved security software and firewalls.

 

How long we keep your Data

Joiner and son will not retain Personal data longer than necessary. We will hold onto the data provided either while your account is in existence, or for as long as is necessary to provide after sales support, as outlined within our Terms & Conditions and Contract between yourself and Joiner and son.

Personal data no longer necessary will be destroyed, and any relevant third parties will also be advised to erase your personal data. If legally required, or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account, or it is no longer needed to provide the services to you.

 

Access Requests

All individuals have the right at any time to request a readable copy of the Personal information Joiner and son hold on them, this is called a Subject Access Request.

We want our Customers to have control over how we use their information. If at any point an individual believes the information we process on them is incorrect they can exercise their rights as detailed below in the section “What are your Rights” Joiner and son will always verify the identity of anyone making a Subject Access request before handing over any information.

 

What are your Rights

The General Data Protection Regulations include the following rights for all individuals who are the subject of Personal data held:-

  • The right to be informed – Individuals have the right to be advised of what Personal data Joiner and son hold on them and why.
  • The right of access – Individuals have the right to access their Personal data; supplementary information and verify the lawfulness of the processing.
  • The right of rectification – Individuals have the right to rectify any inaccurate Personal information held on them. Joiner and son will contact each recipient of the Personal data to inform them of the rectification.
  • The right of erasure – Individuals have the right to request deletion or removal of their Personal data, where there is no convincing reason for it to be kept.
  • The right to restrict processing – Individuals can contest the accuracy of their Personal data.
  • The right to data portability – Individuals have the right to obtain and reuse their Personal data for their own purposes across different services.
  • The right to object – Individuals have the right to object to the processing of personal data being used for direct marketing or profiling.
  • The right not to be subject to automated decision making – Joiner and son do not operate automated decision making or profiling

 

How to contact us

If you have any queries about how Joiner and son use your Personal information Contact can be made by one of the following methods and Joiner and son will respond to you within 28 days:

1. By post to:

Joiner and son
Tomáš Obšivač
Vidče 426
756 53 Vidče
Czech Republic

2. By emailing at Joiner and son t:  info@joinerandson.eu

The Personal data will be provided in most cases Free of Charge.

Joiner and son can refuse or charge for requests that are manifestly unfounded or excessive, and the individual will be advised why and that they have the right to complain. If you are not satisfied with the response from Joiner and son  or believe we are not processing your Personal data in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/

Menu