INFORMATION AND DATA PROTECTION POLICY
Martin Thomas Associates Ltd will only collect and use personal data in ways that are described within this policy, and in a way that is consistent with our obligations and your rights under the law.
Martin Thomas Associates Ltd is registered under the General Data Protection Regulation.
Martin Thomas Associates Ltd regards the lawful treatment of Personal Data as necessary for its continued successful operations and to maintain confidence between clients, third parties, personnel and Martin Thomas Associates Ltd itself. The Data Protection register is in place for the following purposes:
- Staff administration
- Advertising, marketing and public relations
- Accounts and records
- Consultancy and Business services
- Commercial Activity
- Information and Databank Administration
What is personal data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. In simpler terms, any information about you that enables us you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data and online identifiers.
This policy is in relation to relationships with Martin Thomas Associates Ltd’s customers, suppliers and personnel.
Your rights under the GDPR
Martin Thomas Associates will always work to uphold the following rights:
- The right to be informed about our collection and use of your personal data.
- The right to access the personal data we hold about you.
- The right to have your personal data rectified if any of your personal data is inaccurate or incomplete.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to data portability. This means you can ask us for a copy of the data held by us to re-use with another service or business.
For any of the above, please contact us by post, telephone or email at our office, as below
Suite 7, Chatmohr Estate, Crawley Hill, West Wellow, Hampshire, SO51 6AP (For the attention of the Data Protection Officer)
Telephone: 01794 324725
Personal Data Collected
We may collect some or all of the following:
- Email Address
- Telephone Numbers
- Business Name
- Job Title
- Payment Information
- Information about your preferences and interests
How we use your Personal Data
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of personal data or because it is in our legitimate business interests to use it. It may be used for the following purposes:
- Providing and managing your account
- Supplying Building Services and M&E Engineering, or other Consultancy Services requested by you where your personal details are required for us to enter into a contract with you.
- Personalising and tailoring our services for you.
- Communicating with you. This may include responding to emails or calls from you.
- Providing contractors and other professionals with your details where relevant.
- Communicating with you as part of a project design team
- Communication with you in order to provide our services to our clients
We may sometimes contract with third parties (e.g. contractors, suppliers and manufacturers) to supply services on our behalf in relation to a project and these third parties may require access to some or all of your personal data that we hold. We will take steps to ensure that your personal data is handled safely, securely and in accordance with your rights, our obligations and the third party’s obligations under the law.
With your permission, and/or where permitted by law, we may also use your personal data for marketing purposes with information about our services. You will not be sent any unlawful marketing or spam.
How long we keep your Personal Data
We will not keep your Personal Data for any longer than is necessary for the reason(s) for which it was first collected. Your personal data will therefore be kept for the terms of the contract in which we enter (generally 6 or 12 years depending on the type of contract) or for 6 years for Project Information and 7 years for accounting information. Details for a project that does not go ahead can be deleted immediately at your request.
Martin Thomas Associates Ltd takes measures to guard against unauthorised or unlawful processing of personnel data and against accidental loss, destruction or damage.
- Taking steps to control physical security on the Martin Thomas Associates infrastructure. Onsite data is protected by industry standard security technology, including industry standard firewalls, anti-virus protection, password protection and restricted access.
- Maintaining an established business continuity/disaster recovery plan
- Training all staff on security systems and procedures
If you decide that you do not wish to receive marketing communications from us, please email firstname.lastname@example.org or contact our Data Protection Officer on 01794 324725.
Data Access & Corrections
Upon receipt of your request, we will disclose to you the data we hold about you within 28 calendar days. We will also correct, amend or delete any Personal and/or Business data that is inaccurate and notify any third party recipients of the necessary changes.