This policy was last updated on the 12th February 2019
OPEN RETAIL SOLUTIONS LIMITED is committed to ensuring the security and protection of the personal information that we hold, and to provide a compliant and consistent approach to data protection. We recognise our obligations in updating and expanding this program to meet the demands of the GDPR.
OPEN RETAIL SOLUTIONS LIMITED is dedicated to keeping the personal information under our control safe and in developing a data protection regime that is effective and demonstrates an appreciation for the regulation. Our preparations and objectives for GDPR compliance have been summarised in this policy and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure ongoing compliance.
How we obtain personal data
You provide us with personal data via our website contact forms, as an Email, over the telephone or face to face. This includes, but is not limited to, your name, postal address, Email address and contact telephone numbers. We use this information to manage and administer your account and to carry out our customer support roles. Written consent is not requested as it is assumed that the consent has been granted when an individual freely gives their own details. Personal data will not be passed on to anyone outside the organisation without explicit consent from the data owner unless there is a legal duty of disclosure under other legislation. For marketing purposes, we will only contact individuals who have chosen to opt-in to any marketing. Email contact will always be accompanied with unsubscribe links to opt-out at any time.
Storage of data
Paper-based data is stored and organised in secure cabinets within our office and in separated folders when used by our staff.
Digital data is kept securely on our internal server, authorised computers and accessed at our office through authorised computers that are password-protected. Secure cloud-based software is also used for accounting and CRM purposes. Passwords are updated regularly.
How long do we keep information about you
We keep information about you as long as is reasonably necessary. This takes into account our needs to meet any legal, statutory or regulatory obligations. We will reassess the information we hold regularly and any information which is no longer required will be disposed of.
The General Data Protection Regulation Act 2018 regulates the processing of information relating to identifiable individuals (data subjects). This includes the obtaining, holding, using or disclosing of such information, and covers computerised records as well as manual filing systems.
Data users must comply with the data protection principles of good practice which underpin the Act. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.
To do this OPEN RETAIL SOLUTIONS LIMITED follows the main Data Protection principles outlined in the General Data Protection Regulation 2018, which are summarised below:
a) Personal data will be processed fairly and lawfully.
b) Data will only be collected and used for specified purposes.
c) Data will be adequate, relevant and not excessive.
d) Data will be accurate and as up to date as possible.
e) Data will not be held any longer than is reasonably necessary.
f) Data subject’s rights will be respected.
g) Data will be kept safe from unauthorised access, accidental loss or damage.
The principles apply to personal data which is information held on computer or in manual filing systems from which they are identifiable. OPEN RETAIL SOLUTIONS LIMITED employees who process or use any personal information in the course of their duties will ensure that these principles are followed at all times.
GDPR roles and employees
OPEN RETAIL SOLUTIONS LIMITED have appointed a GDPR officer, his role is to develop and implement our roadmap for complying with the data protection regulation. The GDPR officer is responsible for promoting awareness of the GDPR across the company, identifying any gap areas and implementing policies, procedures and measures. OPEN RETAIL SOLUTIONS LIMITED understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our plans.
Links to other websites
Personal Data Requests
Personal Data Requests must be given in writing to the Data Protection Officer for OPEN RETAIL SOLUTIONS LIMITED. Where applicable we may require proof of identity for this request.
Data Protection Officer
Open Retail Solutions Limited
First Floor, Unit 31
Eldon Business Park
Tel: 0115 9677 439
Once acknowledged the Data Protection Officer will provide the relevant information within 28 days of request. If the personal data request is not met by OPEN RETAIL SOLUTIONS LIMITED within 28 days of request, or you are unhappy with the personal data report. The next action would be to contact the Information Commissioners Office (ICO) with the relevant information for the ICO to peruse this grievance on your behalf. More information about the ICO and the General Data Protection Regulations can be found at www.ico.org.uk.