The Emergency Plumber Experts data protection policy refers to our commitment to treat information of interested parties in line with good practice, legislation requirements and to protect clients, staff and other individuals as well as the organisation.
This policy covers all data subjects whose personal data is collected in line with UK Data Protection Laws. It is the responsibility of the Data Processing Officer to ensure this policy is available to all data subjects prior to The Emergency Plumber Experts collecting any data.
The DPO will also ensure all employees who interact with data subjects are responsible for drawing attention to this policy to
- show a legitimate reason for collecting data
- that consent, where relied upon, is given to process this data
- how the data will be processed
- how the data will be stored
The Personal Information we collect
Where you submit your personal information to us it will only be used for the stated purpose and any reasonably incidental purposes. Such information will only be used by us for
- the purposes for which it was provided by you and any reasonably incidental purposes including providing you with the information that you request from us
- support and administration purposes
The Emergency Plumber Experts collect the following information from our clients
- Full Name
- Email address
The lawful basis to collect this information
We collect this information on the lawful basis for entering into or performance of a contract, be this with our clients or our staff.
In certain circumstances, we may have to abide by a legal obligation which we may be subject to, including, but not limited to, sharing data with Gas Safe, HMRC or law enforcement agencies. Where we do this, and we are legally permitted to, we will clearly inform you.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of legitimate business, security and for monitoring compliance with office policy. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
The storage location of information
All data is stored within the UK only.
The Emergency Plumber Experts ensure all the best security practices are followed to ensure privacy by design is integral to the processing of information, this includes, but is not limited to, the use of.
- Secure storage, including electronic and paper copies
- Data encryption, at rest and during transmission, where practical
- The use of unique and secure passwords
- Granular access controls to information
- Use of anti-virus, ransomware, firewalls and other software protections
- All systems and software maintained and kept up to date
- Secure disposal of information at all times, either through shredding or securely deleting electronic copies
Retention of information.
We will retain the data for the period of the contract we have with clients/staff.
We will retain client data for 7 years after the contract has ended to enable us to
- To comply with our regulatory obligation with Gas Safe and HMRC records.
- To protect ourselves in case of any legal claims against The Emergency Plumber Experts
All data will be removed following security best practices to ensure the data is fully deleted and unrecoverable.
We currently do not use your personal information for any marketing. If this changes then we will seek your consent beforehand.
Information we share
As part of the client contract we need to share information with:
- Other parties who are providing services as part of the agreed contract
- In the unfortunate event of debt recovery or legal action, we reserve the right to pass on your information to our representatives
Under the UK Data Protection laws individual have the following rights:
- Right to access – you have the right to request a copy of all data we hold about you;
- Right to rectification – where any data we hold is incorrect, you have the right to ensure it is correct;
- Right to be forgotten – if you no longer wish for us to hold your data, we will delete it unless we have a lawful reason not to;
- Right to portability – you can ask us to provide your data to a third party in machine-readable format;
- Right to restrict processing – since we only use this to contact you, there is no processing to restrict, we would simply delete the information wherever possible and in keeping with our own obligations.
If at any point you believe the information we process on you is incorrect, you may request to see this information and even have it corrected or deleted. If you wish to raise a complaint about how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/concerns.
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
We can be contacted at the following address, telephone number and email address:
If The Emergency Plumber Experts, or substantially all of its assets, are acquired, or in the unlikely event that The Emergency Plumber Experts goes out of business or enters bankruptcy, user information would be one of the assets that are transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of The Emergency Plumber Experts may continue to use your personal information as set forth in this policy. If this occurs you will be informed prior to the transfer.
The Emergency Plumber Experts website does not specifically collect any personal information.
When someone visits www.theemergencyplumberexpert.co.uk we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Links to other websites
Handling a Personal Data Breach
Everyone involved in handling personal information needs to be aware of their responsibilities and legal requirements under UK Data Protection Laws in the event of a data breach. The ICO has stated that data breaches that are likely to result in risk to individuals rights and freedoms should be reported and processed within 72hours. Further information can be found on the ICO website http://www.ico.org.uk
Examples of personal data breaches include
- the loss of a USB stick,
- data being destroyed
- data being sent to the wrong address
- the theft of a laptop or smartphone,
- data stored by a third party i.e. software systems and apps.
In the event of a data breach, we will use the ICO standard reporting form, ICO Data Breach reporting template, and in the event that the data breach has a significant impact on the people affected we will inform them directly either via email or our website.