GDPR Policy

Swan Digital Ltd GDPR Policy

General Data Protection Legislation (GDPR) is implemented in the UK by the EU in May 2018. Swan Digital Ltd (SD) has the following policy.statement:

 All Personally Identifiable Information (PII) stored by SD is maintained in a password protected encrypted secure environment accessible to only those personnel who need access in order to carry out their duties.

 SD I.T. backup is stored in ISO 27001 certified UK Data Centres with 256 bit military standard encryption and never leaves the UK.

 PII stored by SD will be deleted when no longer required or on request under the “right to be forgotten” provided it is not required in order to be kept for legislative reasons.

 SD’s websites may contain cookies to track the number of visitors and other information such as the browser used and country of origin but no PII is collected unless submitted via an enquiry or other form.

 SD may send marketing emails and contact potential customers by other means if we believe there is a legitimate interest. Marketing emails will always contain a link to unsubscribe from further marketing emails and PII is never sold or shared with 3rd parties

 All MFPs supplied by SD which have hard disks have their stored documents and other data encrypted. Any data on computers or MFPs returned to SD when upgraded or no longer required by the customer have any data thereon permanently destroyed as soon as practicable.

 When necessary data from customers of Swan Digital may be accessed in order to carry out support or installation work. Any copy of such data is kept secure, destroyed when no longer required and is never shared with any 3rd party unless necessary and with the customer’s permission.

 SD act in combined interests with customers and suppliers and do everything reasonably possible to protect PII. No-one can claim to be 100% immune to data breaches. If we identify a potential data protection issue we will take all reasonable steps to limit and correct it and, in the event of a serious breach (e.g. personal credit card or bank details being breached) will do all we can to inform the customer and the relevant authority

Customers

Note that SD cannot be held responsible for the GDPR policy of its customers. It is recommended that customers review the documents and information found at https://ico.org.uk/for-organisations/business/. If further help is required call the ICO helpline on 0303 123 1113 – Option 4 takes you to the GDPR dedicated advice line.

If desired SD will be happy to introduce customers to a GDPR consultant who can review their PII storage and make recommendations.

Document produced March 2018