OC Locks & Services Ltd Privacy Policy - How We Use Your Information

1. Customer Introduction
1.1 In this policy, “we”, “us”, “our” refer to OC Locks & Services Limited and “you” and “your” refer to our customers.
1.2 We are committed to protect the private data we receive and store from you and respect your rights under the General Data Protection Regulation.
1.3 At OC Locks & Services Limited we take the protection of your privacy very seriously. We will only use your personal information to deliver the services you have requested from us, and to meet our legal responsibilities.
1.4 This policy applies when we receive your data and we are acting as “data controller” and when we process it and we are acting as “data processor”.
1.5 For more information about us and how you can contact us, please see Section 14.
‍
2. How do we collect information from you?
2.1 We collect information directly from our customers via telephone, email and face to face communication methods for schedule and financial purposes. For example, when you engage us to deliver our services and/or at the end of a job when details such as name and address are requested to create an invoice.
2.2 We also obtain information when you use our website, for example, when you use the “contact us” form to enquire about our services.
2.3 Information may also be gathered if you contact us through our social media platforms.
‍
3. What type of information do we collect from you?
3.1 The personal information we collect from you will vary depending on which services you require and how you engage with us. The personal information we collect might include your name, address, telephone number, email address and occasionally in the instance of a refund or reimbursement your bank account details.
3.2 The cookies upon our website may also track which pages you may have visited on our website and when you accessed them.
‍
4. How is your information used?
4.1 In this section we explain how we use your personal data.
4.2 In general terms, and depending on which services you engage us to deliver, as part of providing our agreed services we may use your information to:
• contact you by post, email or telephone
• verify your identity where this is required
• understand your needs and how they may be met
• maintain our records in accordance with applicable legal and regulatory obligations
• process financial transactions
• prevent and detect crime, fraud or corruption
4.3 Your data will be used as correspondence data (OC Locks & Services Limited may contact you by e-mailing or calling to give you updates on the service required or to send you a written quotation). The legal basis of processing the correspondence data is the legitimate interest to perform a service, requested by you from us.
4.4 Your data will be used as transaction data and it may be used for financial records such as invoices and it will be retained for 6 years in accordance to section 221 of the Companies Act 1985. The legal basis of this processing is the “legal obligations” to which OC Locks & Services Limited is subject.
4.5 We are required by legislation, other regulatory requirements and our insurers to retain your data even where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically six years. Further information can be found in our Document Retention and Disposal Policy located upon our website, https://oc-services.co.uk/policies.html
‍
5. Who has access to your information?
5.1 We will not sell or rent your information to third parties.
5.2 We will not share your information with third parties for marketing purposes.
5.3 Any staff with access to your information have a duty of confidentiality under the ethical standards that OC Locks & Services Limited are required to follow.
‍
6. Third Party Service Providers working on our behalf
6.1 We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own purposes. Please be assured that we will not release your information to third parties unless you have requested that we do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud or corruption.
‍
7. How you can access and update your information
7.1 Keeping your information up to date and accurate is important to us.
7.2 We commit to regularly review and correct where necessary, the information that we hold about you. If any of your information changes, please email or write to us, or call us using the ‘Contact information’ noted below.
7.3 You have the right to ask for a copy of the information that OC Locks & Services Limited holds about you.
‍
8. Security precautions in place to protect the loss, misuse or alteration of your information
8.1 This section explains how we store your private data and for how long.
8.2 Your private data may be printed and secured in our filing cabinets. The [cabinets/safe] are placed at our offices that is secured by high level security and an alarm system. We store our correspondence/schedule data for one year for the legitimate purpose of keeping a record of the job our company attends.
8.3 Your private data may be stored electronically on our servers that are based in the UK. Our computers are protected by password and anti-virus program, and they can only be accessed by our staff members.
8.4 Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
‍
9. Deleting your data
9.1 This section explains how we delete/destroy your data once is no longer needed. For more details about the length of time we store your data please see Section 4 (4.5) and 8 (8.2) or refer to our document retention and disposal policy.
9.2 Once your private data is no longer relevant/needed OC Locks & Services Limited will permanently delete the electronic files.
9.3 Once your private data is no longer relevant/needed OC Locks & Services Limited all paper files will be shredded in a manner that complies to the GDPR, to destroy the documents.
‍
10. Data breaches
10.1 OC Locks & Services Limited has procedures in place to protect your details against data breaches such as passwords for electronic files, which are periodically changed, security alarms and secure filing cabinets for physical documents. For more details on how we securely store your documents please see section 8.
10.2 We back-up your data by creating an electronic copy of each document that is securely stored on our server based in the UK, which is protected by password and anti-virus program.
10.3 OC Locks & Services Limited have a Data Breach Policy in place and understand the legal requirement to report a data breach to ICO (Information Commissioner's Office) in maximum 72 hours from the event. We also commit to inform every person that has been affected by the data breach. For further information please see our Data Breach Policy located upon our website, https://oc-services.co.uk/
‍
11. Your rights
11.1 Access to your information: You have the right to ask for a copy of the information OC Locks & Services Limited holds about you and can do so by submitting a Subject Access Request (SAR), further information as well as the SAR form can be found under the policies section of our website.
11.2 Correcting your information: Keeping your information up to date and accurate is important to us. We commit to regularly review and correct where necessary, the information that we hold about you. We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
11.3 Deletion of your information: You have the right to ask us to delete personal information about you where:
o you consider that we no longer require the information for the purposes for which it was obtained
o you have validly objected to our use of your personal information - see ‘Objecting to how we may use your information’ below
o our use of your personal information is contrary to law or our other legal obligations
o we are using your information with your consent and you have withdrawn your consent - see ‘withdrawing consent to use your information’ below.
11.4 Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where there is no longer a basis for using your personal information, but you do not want us to delete the data. Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
11.5 Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
11.6 Withdrawing consent to use your information: Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
11.7 Complain We seek to directly resolve all complaints about how we handle your personal information, but if you feel there is a problem with the way we are handling your data, you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone - 0303 123 1113 (local rate) or 01625 545 745
Website: https://ico.org.uk/concerns
11.8 If you wish to exercise any of the rights in these paragraphs, please contact the data protection officer on info@oc-services.co.uk
‍
12. Your Choices
12.1 We may occasionally contact you by post to keep you informed of any changes in legal and regulatory requirements that are relevant to how we are handling your personal data. If you do not wish to receive such information from us, then please let us know.
12.2 We do not operate an email marketing system and will not contact you with any updates on our products and services. Should you wish to keep up to date with any promotions or services we are running, then please see our social media pages https://www.facebook.com/OCServices1 or https://twitter.com/services_oc.
Please note that our privacy notice does not cover how these platforms may process your information, and we encourage you to read the privacy notices on the websites you may visit. We do however see and decide how we will manage information given via these platforms for example, if you send a message via social media that requires a response from us, we may process it in as an enquiry or a complaint under the relevant legal basis of processing data.
12.3 Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.

13. Amendments
13.1 We keep this privacy notice under regular review [and will place any updates on our website. Paper copies of the privacy notice may also be obtained from contacting our office
13.2 This privacy notice was last updated on 5th December 2018
‍
14. OC Locks & Services Limited Contact Details
14.1 You can contact us using one of the following methods
a) By post to 9 Cowshot Crescent, Brookwood, Woking, GU24 0PH
b) By e-mail to info@oc-services.co.uk
c) By telephone 01483 600464.
‍
Resources & further information
• Overview of the GDPR - General Data Protection Regulation
• Data Protection Act 1998
• Privacy and Electronic Communications Regulations 2003
• The Guide to the PECR 2003
• Small business GDPR policy template