« Return to Case Studies

General Data Protection Regulations 2018 – Processing of Personal Data

The deadline for compliance to the GDPR falls on the 25th May 2018 replacing The Data Protection Act. The GDPR is an EU regulation providing revised requirements for organisations processing the personal data of individuals and as a result all businesses must ensure all their processes are compliant with the new incoming legislation.

 To comply with these new regulations, there must be a lawful basis for us to collect, process and store any personal data that you provide us with.

For personal data to be processed lawfully, they must be processed on the basis of any legal ground set out in the Act. These include, among other things, the data subject’s consent to the processing, or that the processing is necessary for the performance of a contract with the data subject, for the compliance with a legal obligation to which the data controller is subject, or for the legitimate interest of the data controller or the party to whom the data is disclosed. .

During the course of our activities we will collect, store and process personal data about our customers, suppliers, contacts and other third parties.

ISM, in the course of its business in providing PSIM, Door Entry and Intercom Solutions will process data in relation to ( but not limited to) lead generation/progressing, website, marketing information, fault reporting, maintenance and contractual details

The types of personal data that we may be required to handle include information about current, past and prospective suppliers, customers, employees and others that we communicate with. The personal data, which may be held on paper or on a computer or other media, is subject to certain legal safeguards specified in the Data Protection Act 1998 (“the Act”) and subsequently in the General Data Protection Regulations May 2018 plus other associated regulations.

In the course of our business we may collect and process the personal data set out below. This may include data we receive directly from a data subject (for example, by completing forms or by corresponding with Us by mail, phone, email or otherwise) and data we receive from other sources (including, for example, business partners, sub-contractors, payment and delivery services, credit reference agencies and others).

For your information, the data provided by you that we hold includes, but is not limited to, the following:

Contact information: Contact name, job title, business address, business phone number, mobile number, email address.

Company information: Name, address and contact details, legal ownership and registration details, trading premises, company background, company activity, and supporting evidence.

We may share personal data we hold with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in Section 1159 of the Companies Act 2006.

We may also disclose personal data we hold to third parties:

In the event that we sell or buy any business or assets, in which case we may disclose personal data we hold to the prospective seller or buyer of such business or assets.

If we or substantially all of our assets are acquired by a third party, in which case personal data we hold will be a transferred asset.

If we are under a duty to disclose or share a data subject’s personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with the data subject or other agreements; or to protect Our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We trust that you would like to continue to be contacted by ISM.  However, we respect that you have the right to ask us not to process your personal data for marketing purposes, and you can, of course, opt out at any time by emailing DataProtection@ism-uk.com

If you have any questions regarding the information that ISM is required to hold or would like any changes or access to your data, please contact ISM via DataProtection@ism-uk.com

Yours Sincerely,

Geoff Pye

Compliance Manager

« Return to Case Studies