This Privacy Statement applies to Systems AXIS Limited (trading as axisfirst) a company registered in England (company registration number 2370905).
We are registered on the Information Commissioner’s Office Register of data controllers under registration Z6638404.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
What we collect
We may collect the following information:
- Name and job title.
- Contact information including email address, telephone numbers and postal address.
- The IP address(es) you use or from which you access our services.
- Demographic information such as postcode, preferences and interests (for example, which topics you may have elected to receive marketing information about).
- Other information relevant to customer surveys and/or offers.
- All communications to and from our organisation (written, electronic or voice) may be recorded.
Why does Systems AXIS need to collect and store personal data?
We need personal data in order for us to provide you with the service(s) to which you have contracted or otherwise given your consent.
We are committed to ensuring the information we collect and use is appropriate for this purpose and does not constitute an invasion of your privacy.
Will Systems AXIS share my personal data with anyone else?
We may pass your personal data to third-party service providers contracted to Systems AXIS in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on our behalf.
How will Systems AXIS use the personal data it collects about me?
Systems AXIS will process (collect, store and use) the information you provide in a manner compatible with the General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary. Systems AXIS is required to retain information in accordance with the law, such as information needed for company tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
Under what circumstances will Systems AXIS contact me?
Where you have given us your consent, we may use your information to contact you with details about products and services which we feel may be of interest to you.
You can grant or withdraw your consent, or change your contact preferences via our web site or by writing to us.
We may also contact you when we feel the information is relevant to the services which we are contracted to provide to you.
Can I find out what personal data the organisation holds about me?
Systems AXIS at your request, can confirm what information we hold about you and how it is processed. If Systems AXIS does hold personal data about you, you can request the following information:
- Identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
- Contact details of the Data Protection Officer (where applicable).
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Systems AXIS or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third party or international organisation, information is available about how we do this securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure that there are specific measures in place to secure your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it was not collected from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
What forms of ID will I need to provide to access this?
Systems AXIS requires two forms of ID from the following list, one of which must be photographic, when information on your personal data is requested:
- Photo driving licence.
- Birth certificate.
- Utility bill from within the last three months.
Data Protection Officer (DPO)
axisfirst is not required to appoint a DPO under the GDPR but we have decided to do so voluntarily. We understand that the same duties and responsibilities apply had we been required to appoint a DPO. We support our DPO to the same standards.
Our DPO reports directly to our highest level of management and is given the required independence to perform their tasks. Our DPO is tasked with monitoring compliance with the GDPR and other data protection laws, our data protection policies, awareness-raising, training, and audits.
Data Protection Manager contact details: e: firstname.lastname@example.org t: 01278 421020 Data Protection Officer, axisfirst, Axis House, 53-55 St. Mary Street, Bridgwater, TA6 3EQ Document Owner and Approval
The axisfirst Data Protection Officer is the Owner of this document and is responsible for ensuring that this statement is reviewed in line with the requirements of current legislation.