Privacy Policy

Clyde Recycling Ltd
Unit 3, 1650 London Road, Glasgow, G31 4QG
Tel: 0141 554 8778
Fax: 0141 554 6717
Email: info@clyderecycling.co.uk
Web: www.clyde-recycling.co.uk

Consent

Where it is deemed necessary to use consent as the legal basis for processing personal data the collection process will include a step where consent is clearly requested from the data subject and data will not be collected if consent is not granted. Records of consent will be retained as long as the personal data collected and should include full details of who consented, when, and the detailed proof of how consent was given.

Category / Sensitive Personal Data

When reviewing personal data, we will also identify any special category data that is being processed and will ensure we have the correct lawful basis for processing, collect or process.

Privacy by Design / Data Protection Impact Assessments (DPIA)

Any new developments, projects or technologies that involve personal data will be reviewed to ensure policy privacy by design and privacy impact assessments are completed when required. A DPIA will be completed before completing any data processing activities where there is a high risk to individuals from the processing of their personal data.

Data Processing / Transfer

Personal data is processed and handled in a lawful and transparent manner with clear communication of what data we hold, why we hold it and how long we retain it as summarised on the personal data register and privacy notices. The personal data register also includes details of all data transfers and data recipients. These records must be kept up to date with relevant details to ensure this is communicated on data subjects. Controls are in place on the transfer of personal data to ensure this is completed securely and only retained for the purpose stated in the personal data register.

International Transfer of Personal Data

We will try to avoid any international transfer of personal data and will ensure personal data register and privacy notices include details of any international transfers and will obtain consent from data subjects where required.

Data and Information Security

We have measures in place to ensure Confidentiality, Integrity and Accessibility of all company data and complete regular monitoring and review of the security and information security systems. These measures include:

  • Information Classification
  • IT Systems Monitoring and Backups
  • Access Controls
  • Secure Passwords
  • IT Equipment checks
  • Management of Software
  • Physical Security
  • Staff training and checks

Subject Access Requests (SAR’s)

Our data subjects have the right to be informed about our processing of their personal data and also have various other rights with regards to their personal data. Data Subject Access Requests should be directed at our DPO / Data Protection representative who will follow appropriate SAR procedures when dealing with these requests and will respond to all data requests within 1 month.

Data Breaches

A data breach is defined as the unintended deletion, alteration or loss of protection of data leading to unauthorised, insecure or accidental access, sharing or transfer of data or information assets which hold or can be used to access our data. All data breaches, suspected data breaches, or information security incidents must be reported and logged. Significant breaches concerning personal data may be reported to the relevant regulatory authorities and affected data subjects.

Managing Director: Owen Ritchie
VAT Reg No: 435 2698 34

logosTrust LogoQAS logo

GET IN TOUCH

Website by Kiswebs Web & App Design