Sercal Calibrations and Service in the course of our business may collect personal information. Such activity is regulated by the General Data Protection Regulation (GDPR). The GDPR is a series of laws, approved by the EU Parliament in 2016 with an effective date of 2018-05-25. The regulations give people greater control over their information, including the ability to withdraw consent for its use and to request access to it. Sercal Calibrations and Service is an entity identified as a Data Controller and this document explains how we intend to comply with the regulations.
Information we collect and how we collect it:
- From the Website we collect name and contact details from our contact form.
- From other sources we collect the name and contact details of a person chosen by the customer as a point of contact for our dealings with the customer. These will be normally supplied under the terms of the contract of employment of the chosen contact, although this does not preclude the contact exercising their rights under the regulations.
How we use the information we collect:
- For administrative and business purposes, for example to contact you, process orders, arrange appointments, and to improve our business and website.
- The contact name may be included in the calibration certificates we provide as part of our service. These certificates are supplied to the customer and may be stored indefinitely by the customer or interested third parties.
- To inform you of important and material events which directly affect our contract with the customer, such as changes of our contact details or non-payment of invoices. Such communication is an essential part of our provision of services.
- To keep you informed of our goods and services, unless you have opted out of such communications. The option to opt-out will be provided in any communication with us, or by contacting us at any time.
How long we retain information:
- We store information for no longer than is needed to fulfil our legitimate business needs and discharge any legal obligations we may have, for example to maintain tax records. Information supplied to us by email may be archived in our email system for up to five years.
Transfer of Information:
- The majority of the data used by Sercal Calibrations and Service are stored and processed in the EU. We may however use cloud storage servers which may physically be outside the EU. In these cases, data will be encrypted before storage and / or in the case of US servers, we use companies that have self-certified as compliant with EU data regulations.
- We disclose information to third parties only to the extent necessary to run our business, to our service providers, to fulfil any contracts we enter into with you, and where required by law or to enforce our legal rights.
- We will never sell information to third parties other than in the course of the sale or transfer of the business.
Sensitive personal information:
- We do not knowingly or intentionally collect or extrapolate ‘sensitive personal information’. Please do not submit sensitive personal information to us. For example, if you mention an item of personal information such as your date or place of birth in a contact form, we would not use or process this information and would do our best to delete it from our system.
Rights in relation to personal information:
- A person has the rights under the legislation to access their information and to receive information about its use. If you would like a copy of the information we have, please contact us at any time.
- You may request that we remove your information from our systems, but we do require at least one point of contact with every customer we deal with, (although this may be a generic entity such as ‘Head of Laboratory’ ) a contact telephone number and email address.
How we keep information secure:
- We use appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology and only granting access to your information where necessary.
- All our Employees and sub contractors are made aware of the importance of data security and the need, where possible to secure access to personal equipment and shared resources with strong passwords.
Further information: Please contact us with any queries or concerns you may have about any aspect of our data policy.