- What is GDPR?
- Why is the GDPR necessary?
- How does GDPR benefit us?
- Will GDPR be relevant once “Brexit” takes place?
- What has SHS Hire done to comply?
- What are the key personal data protection rights under the GDPR?
- How can I interact with my data?
- What platforms do SHS Hire use for marketing?
- How do I know my information is safe with SHS Hire?
- Who will SHS share my information with?
What is GDPR?
GDPR stands for General Data Protection Regulation and is introduced across Europe from 25 May 2018. It is an update in legislation that unifies data protection practices and obligations across all European countries. In the UK, it replaces the current Data Protection Act 1998.
Why is the GDPR necessary?
When you consider that the Data Protection Act was bought in 20 years ago and the immense advancements in technologies and globalisation in this time it means that a lot of the policy is outdated. Due to technology, the average person’s data is multinational by way of choosing to place their money in foreign owned banks, having social media & peer to peer accounts, online shopping linking them to a world of trade or simply visiting a website where the server is based outside of their home country.
How does GDPR benefit us?
The General Data Protection Regulation aims to better protect the rights of inh3iduals regarding their personal data. Specifically, it applies to EU citizens anywhere in the world. Therefore, if you use a cloud-based system which is based in the US, the company providing that system is duty bound to comply with the GDPR as you are an EU citizen. The GDPR introduces new rights to the inh3idual which we will expand upon within this page.
The introduction of the GDPR will create a single data privacy law for all in the EU, making it easier for companies to communicate cross-border with less of an administrative burden.
Will GDPR be relevant once “Brexit” takes place?
Absolutely! Firstly, GDPR is being introduced on 25th May 2018 and the Brexit process begins after this on 29th March 2019 with the transition running until 31 December 2020. The Queens speech in 2017 confirmed that GDPR will form part of UK law following the withdrawal from the EU. Furthermore, UK companies who process the data of EU nationals will still need to comply with GDPR as is the case with other non-EU countries.
What has SHS Hire done to comply?
Here at SHS Hire, we have taken a full review of all that data we hold, how we obtain it and what we do with it. We have taken time to learn the new requirements imposed by the GDPR. Then we have identified what we need to do to comply. Based on our findings, we decided to completely re-write our privacy policy which you can view here. We have amended our data recording, management and retention processes and re-applied GDPR compliant practices to this. We have also consulted with our partners, suppliers and system controllers to ensure that the data we share and receive is also safe & compliant.
What are the key personal data protection rights under the GDPR?
- Right to be informed (know what is happening to your data)
- Right of Access (see what data is held for you)
- Right to Rectification (Ensure the data that is held is correct, and to change it if not)
- Right to erasure (if certain conditions are met, your data can be destroyed)
- Right to restrict processing (if certain conditions are met, your data can be stored and not processed)
- Right to data portability (allowing you to take your data and use it with other services)
- Right to Object (refuse data processing based on pre-determined grounds)
How can I interact with my data?
You may wish to exercise your rights to object, transfer, restrict, erase, access or rectify your data and please note that for some of these requests there is specific criteria to be met. We are happy to be transparent with you over the data we hold about you and cater for all reasonable requests. We have one month to satisfy these requests. Requests can be made in writing or verbally, however, for the purposes of auditing, we would encourage the requests to be made in writing. You can contact us via email, letter or our website.
For further information about requests and criteria legislation, please visit the ICO website:
https://ico.org.uk/for-the-public/
What platforms do SHS Hire use for marketing?
Mailchimp – As part of our targeted industry specific marketing, we use Mailchimp to send newsletters. There is a link to sign up to our mailing lists at the foot of our website: www.shshire.com . Being contacted by us via Mailchimp is done entirely with your consent, and there are several GDPR compliant features integrated into Mailchimp inclusive of consent, unsubscribing, personal information deletion, and data transfer. For a more detailed description visit: https://blog.mailchimp.com/gdpr-tools-from-mailchimp/
Facebook – SHS Hire from time to time uses Facebook to advertise its fleet and services. You can search for our company and follow our page. Please note, that by using Facebook you sign up to their terms & they have made amendments to their data privacy policy specifically for GDPR. We do not store or process your profile information from Facebook, however, if you contact us via direct message and provide your contact information then this is done so via your own fruition. We will contact you if you request contact and will process your information as enquiry information only unless this leads to a booking. For more information on Facebook’s compliance with GDPR visit: https://en-gb.facebook.com/business/gdpr
Twitter – As with Facebook, SHS Hire uses Twitter to advertise its fleet and services. You can follow SHS Hire on Twitter and be classed as “a follower”. By using Twitter, you sign up to their terms and they too have made amendments to their privacy terms to address GDPR specifically. We do not store or process any profile information on Twitter, however, if you provide information via a direct message (DM) then we will contact you at your request to discuss an enquiry. Your information will be processed as enquiry information only unless this leads to a booking where more information will be requested.
If any terms are to change, then we will seek your consent prior to processing.
What platforms do SHS Hire use for marketing?
Mailchimp – As part of our targeted industry specific marketing, we use Mailchimp to send newsletters. There is a link to sign up to our mailing lists at the foot of our website: www.shshire.com . Being contacted by us via Mailchimp is done entirely with your consent, and there are several GDPR compliant features integrated into Mailchimp inclusive of consent, unsubscribing, personal information deletion, and data transfer. For a more detailed description visit: https://blog.mailchimp.com/gdpr-tools-from-mailchimp/
How do I know my information is safe with SHS Hire?
We take the safety of your personal data seriously as we do our own. As such, we use encrypted cloud-based storage & communication systems, and programs with data centres that are Sota ISO 27001 accredited. Our computers are supported by anti-virus and anti-malware programmes and we check regularly for updates & patches. Our computers are password encrypted and passwords are changed on a regular basis. Within www.shshire.com the security of the contact forms is handled via https:// as well as email processing system that uses Sendgrids Web API servers.
Who will SHS Hire share my information with?
Under new and previous data protection regulations, SHS Hire will have a duty to provide specific personal information it holds to an authority following an official request supported by law from bodies such as the Police, a court, a council or a licensing authority: e.g. TFL.
Prior to hiring a vehicle, we seek your acknowledgement and consent for us to share your details with an authority/private regulatory company to transfer liability of any PCN’s, toll’s, fine’s, charges that are caused whilst you are in the vehicle.
We will share your information with a designated insurer for the purposes of you obtaining insurance cover for a hire with us or to cater for the responsibility of disclosure when managing an incident that you were involved in with our vehicle.
We may provide your information to our financiers to prove that business has traded between yourselves and SHS Hire.
If you wish for SHS Hire to transfer your details to another company, then this can be discussed prior to any action taking place.
In all cases, we will only disclose as much information as is necessary.
