SRM will retain your data for 3 years from the date a contract comes to an end.
The Right to be Informed
The Right of Access
You may request a copy of the personal data we hold about you free of charge. Once validation and verification of your identity has been conducted and where necessary the authority of any third-party requestor, we will provide access to the personal data we hold about you as well as the following information:
a) The purposes of the processing
b) The categories of personal data concerned
c) The recipients to whom the personal data has been disclosed
d) The retention period or envisioned retention period for that personal data
e) When personal data has been collected from a third party, the source of the personal data
However, if there are exceptional circumstances that mean we can refuse to provide the information, we will explain them. If such a request is deemed to be non-serious or irritating, SRM reserve the right to refuse them. If responding to such a request is likely to require additional time and effort or incurs unreasonable costs (which you may have to meet), we will inform you.
The Right to Rectification
When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.
The Right to Erasure (the ‘right to be forgotten’)
The right to erasure does not provide an absolute ‘right to be forgotten’. Individuals have a right to have personal data erased and to prevent processing in specific circumstances:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
- The personal data may be erased in order to comply with a legal obligation.
The Right to Restrict Processing
You may ask us to stop processing your personal data. We will still hold the data, but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:
- The accuracy of the personal data is contested
- Processing of the personal data is unlawful
- We no longer need the personal data for processing but the personal data is required for part of a legal process
- The right to object has been exercised and processing is restricted pending a decision on the status of the processing
The Right to Data Portability
This allows individuals to obtain and reuse their personal data to be transferred to another controller or processor. This allows the movement, copying or transferring personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
This must provide the personal data in a structured, commonly used and machine-readable form. This can be transmitted directly from one controller to another, where technically feasible.
The Right to Object
You have the right to object to our processing of your data where:
- Processing is based on legitimate interest;
- Processing is for the purpose of direct marketing;
- Processing is for the purposes of scientific or historic research;
- Processing involves automated decision-making and profiling.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour Information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information visit:
www.aboutcookies.org or www.allaboutcookies.org or www.google.com/privacy.html
Your browser can be set to not accept cookies and the above website/s provide details of how cookies can be removed. However, be mindful that such removal may impact the website and some features may not function as expected.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that the SRM website and SRM participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
The SRM website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
The SRM website and SRM through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs (web addresses).
Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
How to contact us
Or write to us at:
Data Protection Team,
Security Risk Management Ltd (SRM)
Newcastle upon Tyne