Data handling policy
DATA HANDLING POLICY
Print Data Solutions Limited (“We”) take data handling very seriously and are committed to ensuring that personal data is protected.
This notice explains the minimum processes we take when handling personal data on behalf of a customer. This policy sets out the principles governing the usage, retention, and disposal in line with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Data Protection Act.
INTERNAL PROCESSES
We are the data processors and will only process personal data in line with the data controller’s instructions. We will never use / sell data in any way other than set out in the data processing agreement. We ask the customer, the data controller, that the following parameters are defined for each data processing project carried out.
- Processing Objective – Scope of the work we are to undertake with the data provided.
- Security – Data Security measures required over and above our standard processing policies.
- Data Retention – Defined process and deletion dates.
If the above parameters are not specifically defined by the data controller, we will adopt the following as a minimum.
DATA RECEIPT
Personal data must be submitted in the format requested for processing via a secure manner. Files should be encrypted with a password and sent to the relevant email address.
For Print & Fulfilment projects – data@printdatasolutions.co.uk
For Web Development projects – web.data@printdatasolutions.co.uk
Passwords should not be included with the file and should be sent separately. Data should not be sent to any other PDS email addresses. Any data sent elsewhere will be deleted immediately.
DATA STORAGE
Any data received will be stored on secure servers. Access to this data will be restricted via password protection, only given to those required to process the data. Duplications will not be made unless essential to the processing of the data.
DATA SHARING
We only share the data provided as necessary for any third party to provide the services as requested or as needed on our behalf. These third parties (and any subcontractors) are subject to strict data processing terms and conditions in line with the parameters defined by that data controller.
RETENTION & DISPOSAL
Unless defined, the data provided will be held securely for 3 months. After this period, the data will be deleted.
DATA BREACH
A data breach procedure has been put in place and issued to all senior management. In line with GDPR a data breach will be notified to the data controller without delay, who is responsible to report the breach to the ICO.
UPDATING THESE POLICIES
We reserve the right to update our policies at any time without prior notice. We will process data in accordance to the privacy policy. Your continued use of the website and/or its services will constitute your consent to the updated policy. Use the “Last Updated” date in this policy to determine when it was last changed.
CONTACT
Questions, comments, and requests regarding this policy are welcomed and should be emailed to dataprotection@printdatasolutions.co.uk or addressed to Kate Shelton, Operations Director, Print Data Solutions, 12 Regent Park, Booth Drive, Park Farm Industrial Estate, Wellingborough, Northants NN8 6GR.
This policy was last updated on 14/07/2023