GDPR

This policy pertains to this website by Quality Systems Consultancy Ltd, a company headquartered in Stafford, UK. This includes www.qscconsultancy.co.uk additional Quality Systems Consultancy websites, and digital assets produced and or managed websites (together, the “Site”).

Quality Systems Consultancy is responsible for the processing of personal data and is a data controller for the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation (‘GDPR’)).

General Data Protection (GDPR)

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. It becomes enforceable on 25 May 2018.

According to the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life.

This policy explains how Quality Systems Consultancy conforms to this requirement. Please also see our Privacy Policy for specific details on how we use your data.

A lawful basis for data processing

Data will not be processed unless there is at least one lawful basis to do so. Mainly this will be when the data subject has given consent to the processing of personal data for one or more specific purposes.

Consent will be assumed if the data subject has made their personal details available through a recognised business community and has volunteered to join one of Quality Systems Consultancy networking groups. For example they may have agreed to join Quality Systems Consultancy LinkedIn Network, have ‘friended’ on Facebook or other Social Media platforms or has provided a business card at a face to face meeting. In these circumstances the data subject is taken to represent their company and has joined Quality Systems Consultancy network in order to receive information from Quality Systems Consultancy. In addition it will be assumed that the details given are the data subject’s business contact details

Quality Systems Consultancy offers a services that provide, manage and maintain Business Management Systems (ISO, OHSAS) as well as other commercial services. Activities for which consent has been assumed includes but is not limited to;

  • Receiving community based notifications such as up-dates and newsletters relevant to our services
  • Email marketing
  • Order processing
  • Support queries

Processing may also be necessary under certain other conditions such as but not limited to:

  • for the performance of a contract
  • for compliance with a legal obligation
  • to protect the vital interests of the data subject or of another natural person

 

Records of Processing Activities

Records of processing activities will be maintained that include purposes of the processing, categories involved and envisaged time limits

Data protection by design and by default (Article 25) requires data protection to be designed into the development of business processes for products and services. Privacy settings will therefore be set at a high level by default, and technical and procedural measures will be taken by the controller to make sure that the processing, throughout the whole processing lifecycle, complies with the regulation.

GDPR makes special provision for special categories of personal data (Article 9). Quality Systems Consultancy does not process any of these categories.

The web hosts and social media providers that we use also all conform to GDPR standards.

 

Your Rights

In all circumstances where we collect personal data from you, we will only collect the minimum amount of data required for us to perform the defined processing purpose/s.

Right of access:  citizens have the right to access their personal data and information about how this personal data is being processed. These include information on the data subject, details about the processing of data, such as the purposes of the processing, with whom the data is shared, and how Quality Systems Consultancy acquired the data.

Right to erasure: Article 17 provides that the data subject has the right to request erasure of personal data related to them on any one of a number of grounds.

Share This