The General Data Protection Regulation Information
1. Identify the Lawful basis for processing personal data
(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
Customers understand we take their name, email address, phone number, address to provide them with work related details. No marketing emails will be sent to customers.
(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
Springwell Manor Health Farm requires client information in order to schedule work.
2. Your business has reviewed how you ask for and record consent. Your business has systems to record and manage ongoing consent.
Springwell Manor Health Farm collects customer information to schedule work and confirm booking with client.
3. When collecting personal information, we tell people how we will use it
Customers are informed on the phone that their data is only being used for job scheduling.
A Privacy Statement is available on request.
4. Right to rectification and data quality
Any customer can have their data corrected/rectified within the companies records and email address book.
5. Right to erasure including retention and disposal
All customer data stored can be erased at their request. This process entails:
1. Finding and removing the email address and contact information.
6. Right to restrict processing
Your business has procedures to respond to an individual’s request to restrict the processing of their personal data.
Customer data is not shared with third parties. Springwell Manor Health Farm does not enter into marketing and data stored is only for work related issues
7. Right to data portability
If a customer requests their personal data. Springwell Manor Health Farm will send it in a simple email or spreadsheet format via email. Allowing them to easily transfer their data to various IT environments.
8. Right to Object
If a customer verbally or written requests to have their personal data removed, Springwell Manor Health Farm will be informed and act upon it.
Springwell Manor Health Farm has a data protection policy that is explained to all members of staff and available in the office.
10. Information risks
As reflected in this Springwell Manor Health Farms document. management team understand the business impacts of data risks and manage them effectively.
11. Data Protection by Design
Springwell Manor Health Farm has implemented measures to protect data. These include:
One Designated member of the management team.
When staff leave, passwords are changed.
Only the management team have access via lock and key.
12. Data Protection Impact Assessments (DPIA)
Springwell Manor Health Farm will undergo DPIA’s if new tasks that require collecting personal data are undertaken.
13. Management Responsibility
The management team demonstrate support for data protection legislation and promote a positive culture of data protection compliance across the business.
14. Breach notification
If anyone suspects a breach of personal data within Springwell Manor Health Farm, the following actions will take place.
1. Director to be informed immediately.
2. Investigation to begin immediately to determine what data has been breach.
3. Fixes/password changes will be rolled out, and the relevant members informed.