Data Protection Policy
This policy has been created to reflect best practice in data management, security and control and to ensure compliance with General Data Protection Regulations (GDPR) 2018 and any subsequent changes or amendments.
The EU General Data Protection Regulation (GDPR) came into effect on 25th May 2018 and in the UK the GDPR replaces the Data Protection Act 1998. It is designed to enable individuals to better control their personal data. For Morgan Fire Protection Ltd this includes, but is not limited to, personal information such as names, addresses, emails, customer lists, suppliers lists and HR records.
Morgan Fire Protection Ltd needs to collect and use certain types of information about customers and other individuals who come into contact with the Morgan Fire Protection Ltd. This personal information must be dealt with properly however it is collected, recorded and used – whether on paper, in a computer, or recorded on other material – and there are new safeguards to ensure this in the General Data Protection Regulation (GDPR) 2018.
Morgan Fire Protection Ltd regards the lawful and correct treatment of personal information as very important and therefore ensures that personal information is treated lawfully and correctly. To this end Morgan Fire Protection Ltd fully endorses and adheres to the Principles of Data Protection, as detailed in the General Data Protection Regulation (GDPR) 2018.
Specifically, the Principles require that personal information:
- shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met,
- shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes,
- shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed,
- shall be accurate and, where necessary, kept up-to-date,
- shall not be kept for longer than is necessary for that purpose or those purposes,
- shall be processed in accordance with the rights of data subjects under the Act,
- shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
- In addition that appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Morgan Fire Protection Ltd will, through appropriate management, apply strict application of criteria and controls:
- observe fully conditions regarding the fair collection and use of information,
- meet its legal obligations to specify the purposes for which information is used,
- collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements,
- ensure the quality of information used,
- apply strict checks to determine the length of time information is held,
- ensure that the rights of people about whom information is held, can be fully exercised under the Regulation. (These include: the right to be informed that processing is being undertaken, the right of access to one’s personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong information),
- take appropriate technical and organisational security measures to safeguard personal information,
- ensure that personal information is not transferred abroad without suitable safeguards,
- treat people justly and fairly whatever their age, religion, disability, gender, sexual orientation or ethnicity when dealing with requests for information,
- set out clear procedures for responding to requests for information.
In addition, Morgan Fire Protection Ltd will ensure that:
- there is someone with specific responsibility for Data Protection. Morgan Fire Protection Ltd’s Data Protection Officer is the Managing Director, Paul Creasey,
- staff managing and handling personal information understands that they are contractually responsible for following good data protection practice,
- staff managing and handling personal information is appropriately trained to do so,
- staff managing and handling personal information is appropriately supervised,
- those wanting to make enquiries about handling personal information knows what to do,
- queries about handling personal information are promptly and courteously dealt with,
- methods of handling personal information are clearly described,
- a regular review and audit is made of the way personal information is held, managed and used,
- methods of handling personal information are regularly assessed and evaluated,
- performance with handling personal information is regularly assessed and evaluated,
- a breach of the rules and procedures identified in this policy by a member of staff may lead to disciplinary action being taken,
- a breach of the rules and procedures identified in this policy by a Member is a potential breach of the Code of Conduct
Thank you for contacting Morgan Fire Protection Ltd as a valued customer, past or present, or as a new enquirer. We are committed to protecting the privacy and security of any personal information you supply to us. This Notice sets out how we collect and use information about you, in accordance with the General Data Protection Regulations (GDPR).
- We will require certain information to provide you with a quotation and to carry out the routine servicing of your fire equipment. Information that identifies you as an individual is classed as Personal Data (including your first and last name and personal email address). This may be supplied by you online via our website (www.morganfire.co.uk), by email or telephone to us.
- We will use your Personal Information to provide you with a quotation when requested. We may occasionally use your Personal Information to inform you about industry updates, special offers, Morgan Fire price updates and other fire protection related information. We may use the data gathered to help towards development of new services or improve your existing services or to invite you to participate in market research. We will continue to include opt out/unsubscribe links in any marketing information supplied to you. Information you supply to us will not be shared with third parties for marketing purposes.
Customer and new enquirer personal information collected online
Morgan Fire Protection Ltd (“us”, “we”, or “our”) operates http://12345678.co.uk/morgan (the “Site”). This Notice informs you of our policies regarding the collection, use and disclosure of Personal Information received from users of the Site. We use your Personal Information only for providing and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.
- Information Collection And Use – While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”) and email address.
- Log Data – Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we use third party services Google Analytics and Awstats that collect, monitor and analyse this data to assist us in ensuring our website is reaching our target audience.
- Cookies – Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive. Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
- Security – The security of your Personal Information is important to us, and although no method of transmission over the Internet, or method of electronic storage, is 100% secure, we strive to use commercially robust means and safeguards to protect your Personal Information.
Customer and new enquirer personal information held by Morgan Fire Protection Ltd
Confidentiality and security is important to Morgan Fire and the company has adopted measures to protect customers’ data. This includes but is not limited to
- Strict user password policy, ACS across all our file servers, hardened firewall protecting all our sites, SSL encryption for all data transmissions, encrypted backups, enterprise endpoint protection, email security filtering, intrusion detection and prevention, engineers’ devices are encrypted, 10+ year’s engagement with a CEHv9 Certified Consultant for recommendations and identifying vulnerabilities within our systems.
Morgan Fire customers can settle invoices by card, cheque or cash. For card payments we will require the following information: Long card number, expiry date, CSV number on the back the card, amount customer is paying.
- Under no circumstances will payment card information be stored. Once the payment has been processed any card payment information will be destroyed through the shredder machine.