1.1 Document Control
The document is to be reviewed annually and updated.
1.2 Policy Purpose
All published on website.
2.0 The Policy
The EU General Data Protection Regulations (GDPR) require all companies to treat personal information collected or handled securely and maintain accurate records as to how this information is stored and used. Next Phase Digital recognise that your privacy is important. This document details the information regarding personal data that Next Phase Digital collects, stores and uses.
Next Phase Digital will comply in full with the principals of the GDPR that requires that personal data shall be:
Processed lawfully, fairly and in a transparent manner in relation to individuals;
Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals;
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures..
2.2 How we collect personal information
Next Phase Digital collect personal information via the following means:
- Personal Meetings.
- Telephone Calls
- Online web and printed Forms
- Research or referrals.
2.3 The type of personal information we collect and store
The Type of Information Collected and Stored by Next Phase Digital:
- Work Title
- E-mail address
- Employers address
- Telephone Number
- Mobile Number
Bank Account Details for monthly hosting & support packages are collected via our third party processor Go-Cardless – We don’t have any access to this information.
The Type of Personal Information transferred to Next Phase Digital:
2.4 How we use personal information
Next Phase Digital may use your personal information to:
- Administer and pay our employees.
- Contact our customers relating to past present and future sales.
- Collect Payments and send Invoices and Statements.
- Administer and Personalise our web sites or e-mails.
- Supply products and services.
Next Phase Digital employs a “need to know” policy of sharing information between its employees, agents or subcontractors and will only disclose sufficient information to allow our employees, agents or subcontractors to complete their objectives and as such these parties will be obligated to use that personal information in accordance with the terms of this privacy statement.
In addition to the uses described above Next Phase Digital may disclose your personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend its legal rights.
2.5 How we insure your personal information is kept secure
Next Phase Digital will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
All employee information will be kept and stored securely a third party processor Freeagent and accessed by Password Protection, from here we access Payroll, Accounting and Time Recording software.
All customer and Supplier details will be kept and stored securely on our secure servers with dropbox, and also a third party processor Freeagent, this is accessed by Password Protection, and accounting Software.
2.6 What we will do in the event of data being compromised
If in any event we feel that the data has been compromised, lost or stolen we will immediately inform all interested parties and take immediate action to mitigate the compromise.
2.7 Our lawful basis for processing this data
If the personal information has been collected by Next Phase Digital we will ensure we have your permission to use the data necessary for the fulfillment of services provided or in order to take steps to procuring further orders.
If the personal information is transferred to Next Phase Digital for the purposes of fulfilling a service we will obtain a statement from the transferee that they have the consent of all personnel to which the information refers before entering into a contract.
2.8 Data Retention
All data transferred to us by third parties will be stored in a restricted area of our secure server.
It will be held there until either the data is no longer required or the transferee has requested us to destroy the data. Data transferred to us will be disposed of using an electronic shredder. Data that has not been used will be destroyed by secure means after a period no greater than 12 months.
All data collected on employees will be held for at least 5 years after employment ceases for archiving purposes unless requested to do otherwise.
All data collected on customers or potential customers will be held whilst ever that data is considered useful or unless requested to do otherwise. The Data will be reviewed at least annually.
2.9 Your rights
All personnel that Next Phase Digital hold personal information on have the following rights:
- The right to be informed of the data being held.
- The rights of access to the information being held.
- The rights to rectification of any errors in the information being held.
- The rights to have the information destroyed.
- The rights to restrict the use of the information.
2.10 Updating this statement
You should check this page occasionally to ensure you are familiar with any changes.
2.11 Contacting Next Phase Digital
By email to email@example.com
By post to Next Phase Digital, 2 Abbey House, Abbey Way, Hartford, Northwich, Cheshire, CW8 1LY.
2.12 Making a complaint
If you have a concern about Next Phase Digital’s information rights practices, you should report it to the ICO by accessing by either e-mailing firstname.lastname@example.org or accessing their web site www.ico.org.uk