With the introduction for the General Data Protection Regulations (GDPR), we have issued this statement to provide our customers and suppliers with the information needed to understand how we are keeping data safe.
Throughout this statement the following applies:
Reference to OPTIS Europe Ltd shall also apply to JMS Consultants throughout.
The use of “We”, “Us” or “Our” means OPTIS Europe Ltd and all our staff.
The use of “You” means our customers and suppliers and their staff.
The use of “Your Data” or “Data” is any information we hold about you
Personal Data Protection Principles
We adhere to the principles relating to Processing of Personal Data set out in the GDPR which require Personal Data to be:
- Processed lawfully, fairly and in a transparent manner
- Collected only for specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed
- Accurate and where necessary kept up to date
- Not kept in a form which permits identification of Data Subjects for longer than is necessary for the purposes for which the data is Processed
- Processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful Processing and against accidental loss, destruction or damage
We are responsible for compliance with the data protection principles listed above.
How We Use Your Data
Personal Data will be processed lawfully, fairly and in a transparent manner. We will only collect, process and share Personal Data fairly and lawfully and for specified purposes. The GDPR restricts our actions regarding Personal Data to specified lawful purposes. These restrictions are not intended to prevent processing, but ensure that we process personal data fairly and without adversely affecting the Data Subject.
Processing of data will be for specific purposes listed below:
- the Data Subject has given his or her Consent;
- the Processing is necessary for the performance of contractual obligations;
- to meet our legal compliance obligations;
- to protect the Data Subject’s vital interests;
Sharing Data with Third Parties
Generally we will not share Personal Data with third parties unless certain safeguards and contractual arrangements have been put in place.
We will only share the Personal Data we hold with third parties, such as our service providers if:
- they have a need to know the information for the purposes of providing the contracted services;
- the Data Subject’s Consent has been obtained;
- the third party has agreed to comply with the required data security standards, policies and procedures and put adequate security measures in place;
- the transfer complies with any applicable cross border transfer restrictions, with agreement in place; and
- a fully executed written contract that contains GDPR approved third party clauses has been obtained.
Retention & Security
- Personal data collected will be relevant and limited to what is necessary in relation to the purposes for which it is processed. When personal data is no longer required for specified purposes, it is deleted or anonymised in accordance with JMS Consultants GDPR policy.
- Personal data collected will be, where necessary, kept up to date. It must be corrected or deleted without delay when inaccurate.
- Personal Data will not be kept in an identifiable form for longer than is necessary for the purposes for which the data is processed.
Personal Data will be secured by appropriate technical and organisational measures against unauthorised or unlawful processing, and against accidental loss, destruction or damage.
You have rights when it comes to how we handle your Personal Data. These include rights to:
- withdraw Consent to Processing at any time;
- receive certain information about the Data Controller’s Processing activities;
- request access to their Personal Data that we hold;
- prevent our use of their Personal Data for direct marketing purposes;
- ask us to erase Personal Data if it is no longer necessary in relation to the purposes for which it was collected or Processed or to rectify inaccurate data or to complete incomplete data;
- restrict Processing in specific circumstances;
- challenge Processing which has been justified on the basis of our legitimate interests or in the public interest;
- request a copy of an agreement under which Personal Data is transferred outside of the EEA;
- object to decisions based solely on Automated Processing, including profiling (ADM);
- prevent Processing that is likely to cause damage or distress to the Data Subject or anyone else;
- be notified of a Personal Data Breach which is likely to result in high risk to their rights and freedoms;
- make a complaint to the supervisory authority; and
- in limited circumstances, receive or ask for their Personal Data to be transferred to a third party in a structured, commonly used and machine readable format.
To help us continue to keep all data safe, we would ask that you also follow the General Data Protection Regulations. We would ask that you act fairly with any data processed from us.
Questions and Concerns
We are happy to discuss any concerns you have with how we use your data and are willing to help in any way we can to continue a safe and secure relationship with all of our customers and suppliers. If you have any questions or concerns with the information detailed above, please contact:
Europarc Innovation Centre