Data Protection Policy
The Data Protection Act 1998 (the Act) regulates the way in which all personal data is held and processed. This is a statement of the data protection policy adopted by Top Marques Repair Garage Ltd. It applies to all Top Marques Repair Garage Ltd employees. In order to operate efficiently the Company needs to collect and use information about our Customers to MOT, Service and maintain their vehicles.
Top Marques Repair Garage Ltd regards the lawful and correct treatment of personal information as integral to our successful operation, and to maintaining the confidence of our customers. To this end we fully endorse and adhere to the principles of the Act. Top Marques Repair Garage Ltd is registered as a data controller on the register kept by the Information Commissioner.
The purpose of this policy is to ensure that everyone handing personal information at Top Marques Repair Garage Ltd is fully aware of the requirements of the Act and complies with data protection procedures and that data subjects are aware of their rights under the Act.
Information covered by the Act
'Personal data' covered by the Act is essentially any recorded information which identifies a living individual. Personal data held by Top Marques Repair Garage Ltd will include address and contact information for each customer.
Responsibility for our compliance with the Act
The Accounts Manager reports on any data protection matters to the Director who has overall responsibility for compliance with the Act but individual members of staff are responsible for the proper use of the data they process.
The principles of the Act require require that personal information must:
be processed fairly and lawfully
not be used for a purpose for which it was not collected
be adequate, relevant and not excessive for the purpose
be accurate and up-to-date
not be kept longer than necessary
be processed in accordance with the data subject's rights
be kept secure and protected from unauthorised processing, loss or destruction
be transferred only to those countries outside the European Economic Area that provide adequate protection for personal information.
In order to meet the requirements of the principles Top Marques Repair Garage Ltd will:
fully observe conditions regarding the fair collection and use of information
meet its legal obligations to specify the purposes for which information is used
collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
ensure the quality of the information used
hold personal information on Top Marques Repair Garage Ltd systems for as long as is necessary for the relevant purpose, or as long as is set out in any relevant contract held with Top Marques Repair Garage Ltd.
ensure that the rights of people about whom information is held can be fully exercised under the Act (these include: the right to be informed that processing is being undertaken; the data subject's right of access to their personal information; the right to prevent processing in certain circumstances; the right to correct, rectify, block or erase information which is regarded as wrong information)
take appropriate technical and organisational security measures to safeguard personal information and
ensure that personal information is not transferred outside the EEA without suitable safeguards.
Top Marques Repair Garage Ltd's responsibilities for data protection and confidential information
Top Marques Repair Garage Ltd will ensure that there is someone with specific responsibility for data protection in the organisation. The nominated person is currently the Accounts Manager who can be contacted at :- Top Marques Repair Garage Ltd, 42 Wilbury Way, Hitchin. SG4 0AP; 01462 437142; firstname.lastname@example.org
Top Marques Repair Garage Ltd will ensure that:
everyone managing and handling personal information understands that they are responsible for following good data protection practice
this policy is available to each member of staff
everyone managing and handling personal information is appropriately trained and supervised
queries about handling personal information are promptly and courteously dealt with and clear information is available to all staff
Staff responsibilities for data protection and confidential information
All staff should be aware of the requirements of the Act and how the rules apply to them.
All staff must complete data protection induction and annual training.
All staff have a responsibility to ensure that they respect confidential information in their possession and maintain information security. Disclosure of confidential information gained as part of your employment to a third party, or assisting others in disclosure, will be viewed by Top Marques Repair Garage Ltd with the utmost seriousness.
All staff are responsible for ensuring personal information is kept no longer than is necessary.
For further advice, please contact the Accounts manager.
Top Marques Repair Garage Ltd respects your privacy. The information that you provide us with, or that is gathered automatically, helps us to monitor our services and provide you with the most relevant information.
Subject Access Requests
Under the Act individuals have the right to access personal information Top Marques Repair Garage Ltd may hold about them.
If you wish to request such information please email email@example.com
Data Protection Complaints Procedure
Top Marques Repair Garage Ltd aims to comply fully with its obligations under the Act. If you have any questions or concerns regarding Top Marques Repair Garage Ltd's management of personal data, including your right to access data about yourself, or if you feel Top Marques Repair Garage Ltd holds inaccurate information about you, please contact the Accounts Manager as above.
If you feel that your questions or concerns have not been dealt with adequately or that a subject access request you have made to Top Marques Repair Garage Ltd has not been fulfilled you can complain to the Director.
If you are still dissatisfied, you have the right to contact the office of the Information Commissioner, the independent body overseeing compliance with the Act: http://ico.org.uk/.
We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
(1) What information do we collect?
We may collect, store and use the following kinds of personal information:
(a) information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation);
(b) any other information that you choose to send to us;
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to: keep track of you whilst you navigate the website; and we will use the persistent cookies to: enable our website to recognise you when you visit.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
(3) Using your personal information
We may use your personal information to:
(a) send statements and invoices to you, and collect payments from you;
(b) send you general (non-marketing) commercial communications;
(c) send you email notifications which you have specifically requested;
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
In addition, we may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any legal proceedings or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(5) Security of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
(6) Policy amendments
(7) Your rights
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to:
(a) the payment of a fee (currently fixed at £10.00); and
(b) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
We may withhold such personal information to the extent permitted by law.
You may instruct us not to process your personal information for marketing purposes by email at any time. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.
(8) Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
(9) Updating information
Please let us know if the personal information, which we hold, about you needs to be corrected or updated.