Privacy Notice – Diamond Controls Limited
Established in 2000, Diamond Controls Limited is an electrical contractor who specialises in the installation of leak detection and trace heating systems for commercial, industrial and residential applications.
It is important to us that we remain transparent in how we handle and manage personal data. We are committed to keeping personal data safe in line with the requirements of the UK General Data Protection Regulation (GDPR). This Privacy Notice explains in more detail what personal data we collect, how we keep it safe and your rights around this.
What personal information do we collect and why?
The Information Commissioner’s Office (ICO) defines personal data as ‘any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.
In order for us to provide a high quality of service, we need to retain your personal data to be able to contact you to discuss matters such as quotations, service reminders and service reports. Your customer history is retained to allow us to manage any current or future maintenance issues, or make recommendations for the best fit repairs.
There may be times when we need to pass your personal data to third parties, such as contractors who are working on our behalf. We would only share your details with third parties where we have obtained your consent (unless it is legally required), and it is appropriate and necessary (for example, sharing your address or telephone number for a delivery of materials).
The GDPR says that there are 6 lawful reasons for which we can hold personal data, which are: Consent, Contract, Legal Obligation, Vital Interests, Public Task or Legitimate Interests. This is an outline of the personal data that we currently collect and process:
How do we keep your personal data safe?
We are legally allowed to retain your data for a reasonable and appropriate length of time, as long as your data is used for its intended purpose. Our customer database is managed electronically and is held in a secure, online system. All system users have their own individual accounts, so we can control who has access and can retain a full audit trail of your data’s journey with us. Written documents are held in a secure office and then disposed of in a confidentially safe manner. Electronic data held or processed by us is backed up via Microsoft 365 Sharepoint.
Diamond Controls Limited is registered with the Information Commissioner’s Office (ICO) and has achieved ISO14001 and ISO9001 quality standards, which emphasises our desire to be compliant through our policies and procedures. Our internal and external processes are aligned in line with the requirements of the GDPR, and we provide training to our employees covering the importance of protecting personal data.
Browsing our website
When using websites, small pieces of text known as ‘cookies’ are sent by your web browser to the website you are visiting. The ‘cookie’ is then stored in your web browser and allows the service or a third-party to recognize you, which makes your next visit easier and more useful to you. For further information see the Cookies Policy https://www.diamondcontrols.co.uk/cookies-policy/ or contact us by emailing us at firstname.lastname@example.org where we will be happy to help resolve your query.
Will we contact you?
We may contact you for reasons such as reminding you about servicing your installed systems. Any contact with you will not be intrusive and we will try to keep all questions relevant and appropriate.
The GDPR says that you have the following rights:
- Your right of access – You have the right to ask us for copies of your personal data.
- Your right to rectification – You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete data you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal data in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal data in certain circumstances.
- Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
You (the “data subject”) have a right to be informed of personal data that is gathered and processed by us (the “data controller”). Only the data controller can make changes to the data. Therefore, if any information has been provided to us by a third party, we will not be the data controller, so will be unable to make any amendments. Please contact the relevant data controller to request any rectifications or objections etc.
How do you find out what information we hold about you?
As explained above, you have a right to access any personal data that we hold about you (personal data must relate to an ‘identifiable natural person’). To do this, you need to raise a Subject Access Request by contacting Iain Ames using the details below.
- Your full name and contact details
- Details of the data you want to access
- Any information that we can use to distinguish you from other people (such as your Job number/invoice number with us)
- Any details or relevant dates that will help us identify what you want.
If you raise a Subject Access Request, we will respond to you as soon as possible, but no longer than 1 month. You are not required to pay any charge for exercising your rights. You will be required to provide 2 of the following forms of ID:
- Current valid passport or driving licence
- Birth certificate
- Utility bill (from the last 3 months)
How to contact us with a query, Subject Access Request or complaint about your personal data
To raise a Subject Access Request, or if you have a query or concern about our use of your personal data, please contact:
Iain Ames, Diamond Controls Limited
Unit 5 Baines Way, Bowthorpe Employment Area, Norwich NR5 9JR
Telephone: 01603 745000 / 0203 8765940 Email: email@example.com
You can also contact the Information Commissioner’s Office if you are unhappy with our response to you, or are unhappy with how we have processed your personal information. The ICO’s address is:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk
Privacy notice – last updated February 2022.