National Pallet Recycling Solutions
Data Privacy Statement
Context and Overview
- Policy Prepared By: Grace Edwards
- Approved by: Carl Flintoff
- Policy became operational in January 2021
- Next review date: January 2022
- GDPR Officer – Grace Edwards – email@example.com
NPRS gathers and uses certain information about individuals in order to provide Pallet services to our clients and to those individuals.
What data we gather
NPRS may collect the following information:-
- Name and Job title
- Demographic information
- Contact information including email address
- Other information relevant to client enquiries
Where we gather data from:
NPRS uses a number of external sources to help gather personal data, including:-
- Directly from the enquiring Party
- Online sources such as LinkedIn
- Companies House and other such websites with relevant information
How we use this data
Collecting this data helps NPRS understand and align client suitability and service required.
NPRS will only share personal data with third parties who are involved in the service provided; we do not share or sell personal data to any third parties not involved in the pallet recycling process.
Lawful basis for gathering personal data
NPRS have identified ‘Legitimate Interests’ as the main lawful basis for collecting and
processing an individual’s and company’s details.
The legitimate interests refer to the commercial interests of NPRS or of third parties that NPRS have a commercial relationship with.
NPRS will retain personal data for an indefinite period of time, for the purpose of ongoing commercial Legitimate interests. However, individuals and companies have the right to request the removal and deletion of their personal data at any time.
NPRS will always hold information securely and:
- Comply with the data protection law and follow good practice
- Protect the rights of staff, clients and partners
- Will be open about how it stores and processes individuals data
- Protect itself from the risks of a data breach
To prevent unauthorised disclosure or access to client’s information, NPRS has implemented strong physical and electronic security safeguards. NPRS also follows stringent procedures to ensure that working with all personal data is in line with the Data Protection Act 1998 and General Data Protection Regulation (GDPR) 2016.
If you have any queries relating to data protection within NPRS or would like to request the removal of your personal data, please send your enquiry to firstname.lastname@example.org.