The New Legislation
The General Data Protection Regulation (GDPR) came into force on the 25th of May, 2018 and is a strengthening and unification of data protection laws, and applies to all individuals within the UK and European Union. The basic purpose of this new regulation are to provide you with the following rights:
- The Right to Access
- The Right to Rectification
- The Right to Erasure
- The Right to Restrict Processing
- The Right to Object to Processing
- The Right to Data Portability
- The Right to Complain to a Supervisory Authority
- The Right to Withdraw Consent
The basics of these rights are that you have the right to know what personal data we hold, the right to have it corrected, deleted, restrict what it's used for and the ability to change your mind. There are exceptions and limits to these right, for example we may need to hold on to certain data for legal reasons, such as sales information which we need to retain for our records for 6 years from the end of our last financial year according to HMRC policy.
Also included is the right to get a copy of the data we hold on you, and the right to complain to a recognised authority if you feel any of these rights are being infringed.
What we Have Done to Meet These Requirements
JP-UK have always taken care to treat your data responsibly, but we've taken measures to make sure we comply with the new requirements of this legislation.
Audit of Data Held:
We've examined our systems and processes to identify what personal data we collect and hold, and how we use and control this data. This includes both our website, and internal office systems. We've ensured that all data collected is held in a secured manner, with access restricted to the public.
Measures Put in Place:
We've included controls in the my account section of the website to allow you to choose if you wish to receive certain types of communication, such as review requests, loyalty points reminders and more.
We've made it clearer on the site when we are requesting data, and what we will use it for.
In addition to this, we have created the Role of Data Protection Officer, a member of staff who can act as a single point of contact should you wish to discuss the personal data we hold about you, request a copy in a digital format, request corrections and deletions. You can contact the officer by email to: firstname.lastname@example.org or in writing to:
Data Protection Officer
JP-UK have always cared about our customer's privacy and data, and maintain our commitment to use it responsibly, and to continue with our policy of not 'spamming' you with multiple marketing communications. We never have and will never sell your data to third parties and commit to continue treating your personal data with care, and with security in mind.
Should you have any questions or concerns about your personal data & JP-UK, we encourage you to get in touch with the Data Protection Officer using the details above.