Purpose of this document:
The purpose of this document is to show how Champion Information Services will use your data and that Champion Information Services is committed to GDPR.
We respect our client and employee’s data privacy rights and have revised and amended our internal processes to reflect the practices of the GDPR regulations.
What type of information we have
We currently collect and process the following information:
Any identifiable data that relates to places of business and employees. We currently only hold:
- Data subject name (either employee or Director/Senior management).
- Data subject email address and telephone number (if appropriate).
- Data subject business address.
How we get the information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- Follow up with any email enquiries.
- Send you general (non-marketing) communications.
- Request feedback for product and support services reviews.
- Resolve any enquiries or complaints that you may have.
- To fulfil any contract stipulations.
We also receive personal information indirectly, from the following sources in the following scenarios:
- Information for marketing purposes is gathered from the public records held with the government. This is used purely for marketing purpose and not revealed to any other parties. If the data is deemed non useful, or we are requested, all copies are electronically destroyed.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent; You are able to remove your consent at any time. You can do this by contacting: email@example.com
- We have a contractual obligation.
- We have a legitimate interest.
What we do with the information we have
We use the information that you have given us in order:
- To provide you with the services or information that have been contractually requested from us.
- To update you about any changes to our services, products or prices
- To maintain our organisational records and ensure we have your most up-to-date marketing preferences set in our CRM.
Only relevant data will be shared with legal entity / contracted suppliers when needed who have legislation in place for GDPR, for example Microsoft Ltd.
How we store your information
Your information is securely stored on encrypted internal servers and also on cloud-based systems within the UK and EU or on services that comply with European Commission Decision 2013/65/EU.
We keep business identifiable data for 1 year. We will then dispose your information by electronic shredding.
We keep business identifiable data for 6 months after the end of the contract. We will then dispose your information by electronic shredding.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access: You have the right to ask us for copies of your personal information.
- Your right to rectification: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances, unless there is a legal requirement to keep the data. We will act upon the request without delay.
- Your right to restriction of processing: You have the right to ask us to restrict the processing of your information in the following circumstances:
- Personal data is not accurate
- The processing is unlawful
- Data is required to exercise legal rights
- Your right to object to processing: You have the the right to object to the processing of your personal data in certain circumstances. We will only process data where there are demonstrable lawful grounds for doing so.
- Your right to data portability: You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. All requests must be made in writing and come from the senior management of the organisation requesting the data. if you wish to make a request please contact us usign the details below.
Contact name: Christopher Champion
Address: 58 Military Road, The Mounts, Northampton, NN1 3EU
How to complain
In the first instance, please contact our Data Protection Officer at the above details and we will respond to you as soon as possible.
If you are unhappy with the way we have handled your complaint, you can also contact the ICO on the details below.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113