IDENTITY & CONTACT DETAILS OF THE CONTROLLER & THE DATA PROTECTION OFFICER
Global QA Limited (GQA) is the Data Controller and has an appointed Data Protection Officer. You can contact the DPO via email; firstname.lastname@example.org.
You can also contact GQA via post at; Parkhead House, Biddulph Park, Stoke on Trent, ST8 7SR.
PURPOSE OF THE PROCESSING AND THE LEGAL BASIS FOR THE PROCESSING
For Global QA Limited (GQA) to fulfill its contractual and customer obligations, there is a requirement to collect specific personally identifiable information relating to our clients, such as their employees and other relevant business information. The legal basis for processing such personally identifiable information is that it is necessary to perform a contract to which the data subject is party or take steps at the data subject’s request before entering into a contract (e.g., sales agreement).
Should there be a requirement to market at organisations that have never enquired or bought into our products and services, we shall only do this on the basis that we have received freely given, explicit Consent.
LEGITIMATE INTERESTS OF GLOBAL QA LTD
Global QA Limited (GQA) has a legitimate interest in further processing the information provided by clients at the point of enquiry or sale for marketing purposes.
We may also use your information for other specific legitimate purposes such as to:
- Ensure that content from our site is presented most effectively for you and your computer.
- Provide you with information, products, or services that you request from us or which we feel may interest you or believe you have a legitimate interest.
- Carry out our obligations arising from any contracts entered into between you and us.
- Notify you about changes to our service.
We do not sell, rent or lease customer lists to third parties. However, we may share data with trusted partners to help us perform affiliate marketing, statistical analysis, send you emails or postal mail. It is prohibited for Third-parties to use your personal information except to provide these services to us, and they are required to maintain the confidentiality of your data.
If you are an existing customer, we may contact you by post, email, or telephone with information about goods and services similar to those that were the subject of a previous sale.
If you are a new customer, we will contact you by post, email, or telephone if you have consented to this or demonstrate a legitimate interest.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information that you provide by filling in forms on one of our websites (www.global-qa.co.uk), (www.brcconsultants.co.uk), (www.siaconsultants.co.uk) (www.brcgsconsultants.co.uk), (www.iso27001standards.com) such as;
- Name – Without this, we won’t know whom to contact when responding to an enquiry made by you.
- Email address – We use this to respond to enquiries made through our website. We also use this information to confirm your orders via email and send you informational messages and offers that may interest you.
- Telephone numbers – If there are any problems with your order or we need to check anything, we need to contact you quickly.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your site usage
CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA
Global QA Limited (GQA) must transfer the personal information provided by its customers to third parties to fulfill contractual obligations. The following are categories of recipients that we could share customer information to:
- CRM provider
- Data Centres
- External IT Providers
- Third-party feedback platforms
- Certification Bodies
All information you provide to us is on our secure systems. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our site or our mailboxes; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorized access.
We will not disclose your information to any of the relevant third parties listed above for marketing purposes.
DETAILS OF TRANSFERS TO THIRD COUNTRIES & SAFEGUARDS
GQA does not make any transfers of personal data to third countries. All personal data resides within the EEA.
GQA retains all customer information for seven years after they last interacted with us. After seven years of no interaction between the organisation and the customer, their data is securely disposed of. Our justification for retaining this information is that it is necessary for HMRC purposes.
RIGHTS OF DATA SUBJECTS
As a Data Subject (individual) of which GQA process information on behalf of, you have the right to withdraw from our processing at any given time. You can do this through the contact details provided on page 1 of this policy. In addition, you can exercise the right at any time by contacting us at email@example.com.
You have the right to make a Subject Access Request to BRC’s Data Protection Officer if you wish to determine what information we hold on you. You also have the following rights, which you may exercise at any given time by contacting us; right to Rectification, Erasure, Restriction of Processing, Portability, and Objection to processing. We welcome these requests and aim to respond within 72 working hours of receipt.
You also have a right to complain with the Supervisory Authority (Information Commissioners Office in the UK). For example, should you feel that we have not handled your information in line with legislative and regulatory requirements.
AUTOMATED DECISION MAKING, INCLUDING PROFILING & INFORMATION ABOUT HOW DECISIONS ARE MADE, THE SIGNIFICANCE OF THE CONSEQUENCES
We do not use automated decision-making or profiling when processing your data.
We may collect information about your computer, including where available your IP address, geographic location (if you allow when prompted by your browser), operating system, and browser type, for system administration. This type of data is statistical data about our users’ browsing actions and patterns.
You can accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, if you choose to decline cookies, you may not fully experience the interactive features of our site.
If you wish to alter your Privacy settings or opt-out, you can do this by emailing our Data Protection Officer at firstname.lastname@example.org. Our Data Protection Officer shall provide you with contact details of our third parties upon request if required. Alternatively, you can hit the unsubscribe link in one of our marketing emails to auto-generate an email you can send to us.