0121 448 7030 | office@heze.co.uk

Heze Privacy Policy

HEZE LTD

 

DATA

Our company has a list of all types of personal information it holds. It is name, surname, address, phone number and email address.

The source of that information is from the customer.

Who do we share it with? We do share information with courier company XDP Express and hosting provider.

What do we do with it? The reason for data processing is fulfilment of a contract.

How long do we will keep it? We keep it till the contract ends or order is fulfilled.

The personal information is kept at Mysql database.

Our company has a publicly accessible privacy policy that outlines all processes related to personal data. It is available on our website.

 

ACCOUNTABILITY & MANAGEMENT

Our company has appointed a Data Protection Officer (DPO).

 

This person has knowledge of GDPR guidelines as well as knowledge about the internal processes that involve personal information.

 

We make sure key people and decision makers have up-to-date knowledge about the data protection legislation.

 

We make sure our technical security is up to date.

 

We do train staff to be aware of data protection.

 

A lot of security vulnerabilities involve cooperation of an unwitting person with access to internal systems. We make sure our employees are aware of these risks.

 

Our business does not operate outside UK.

Personal data breaches are reported within 72 hours to the local authority. We report what data has been lost, what the consequences are and what countermeasures you have taken. Unless the data leaked was encrypted, we also report the breach to the person (data subject) whose data we lost.

There is a contract in place with any data processors that we share data with.

 

NEW RIGHTS

Our customers can easily request access to their personal information by email or phone.

Our customers can easily update their own personal information to keep it accurate by email or phone.

We automatically delete data that our business no longer has any use for.

Our customers can easily request deletion of their personal data by email or phone.

Our customers can easily request that we stop processing their data by email or phone.

Our customers can easily request that their data be delivered to themselves or a 3rd party by email or phone.

 

CONSENT

We will ask consent when we start processing a person's information.

On our website customer can find link to our privacy policy.

Our privacy policy is written in clear and understandable terms.

When we update your privacy policy, we inform existing customers

 

FOLLOW-UP

We regularly review policies for changes, effectiveness, changes in handling of data and changes to the state of affairs of other countries your data flows to.

We use Paypal for all internet transactions. Please find the below link to Paypal Privacy Policy: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full

We meet The Payment Card Industry Data Security Standards for all cards payment done by phone or by person in our shop.

';