22 June 2018
This policy supplements the COINS website Privacy Notice .
If you are a customer of COINS, we must of course hold and maintain some personal information about you and your employees. This information is necessary for the day to day performance of contracts between us such as processing individual contact details to send letters and emails regarding licencing, Account Management, Product Support and customer events. You will ensure you have the consent of your employees to disclose any data to us.
Typically it will be contact name and address within your company, role, email address and telephone contact numbers.
When COINS no longer needs to keep certain data, we destroy paper documents securely by shredding and delete the electronic record in the COINS Accounting or Support systems. Data can be retained for 6 years to meet with UK statutory requirements. COINS only retains contact information for as long as it is relevant for day to day contact.
For Support contact details in Remedy Force, contact details are held until such time as a contract with COINS no longer exists or the details are deleted or amended at your request. To amend these details you can contact David Steward, Infrastructure & Information Security Manager via: firstname.lastname@example.org
Access to all of your information is strictly controlled and limited to ensure that only authorised COINS employees, its approved 3rd party partners and those authorised authorities such as HM Government bodies and HRMC have access (whether to the source data or by means of a deliberately submitted transmission, e.g. VAT Return). As we are a global company, authorised users such as COINS Support and Development staff, or approved 3rd party developers, may be both inside and outside of the European Economic Area. For those accessing outside of the EEA, COINS has an EU-approved Model Contract Agreement.
Where personal data relating to your employees or customers is transmitted or transported for the purposes of Support or Project Implementation, COINS ensures that such Data in transit will always be secured through the use of secure protocols: SSH, SCP, sFTP and HTTPS. Where business requirements require the use of removeable storage such as DVD, Flash drives or external hard drives these devices are encrypted.
Where personal information is transferred via EMAIL (in particular, email attached files which contain personal information) they are considered as high risk items. For example, emailing a file of names and addresses, payroll details etc to us is not to be done without encrypting the email. It is COINS’ policy to encrypt emails containing high risk information.
Under the GDPR the personal data subject has various rights including to access and seek correction of personal information. We will ask for proof of ID before allowing access. We will then ensure that the information we hold is corrected and updated. If at any point you believe that the information we process on your behalf or on you is incorrect, you can request to see this information and have it corrected or deleted. Please do this via your COINS Account / Service Manager or via the email address email@example.com
Construction Industry Solutions uses closed circuit television (CCTV) images to provide a safe and secure environment for employees and for visitors to the company’s premises and to protect company property.
The company’s CCTV facility records images only. There is no audio recording. Images that are stored on media are erased or destroyed once the purpose of the recording is no longer relevant. In normal circumstances, this will be a period of 31 days. Where a law enforcement agency is investigating a crime, images may need to be retained for a longer period.
Access to, and disclosure of, images recorded on CCTV is restricted. This ensures that the rights of individuals are retained. Images can only be disclosed in accordance with the purposes for which they were originally collected. COINS’ CCTV policy is available upon request.
If you wish to raise a complaint on how we have handled any personal data, you can contact David Steward, Infrastructure & Information Security Manager via the email address firstname.lastname@example.org who will investigate the matter.
Information about your right to complain can be found on www.ico.org.uk . You can complain by contacting The Information Commissioner’s Office by telephone (0303 1231113) or https://ico.org.uk/concerns/
|Congratulations! Your email alert has been set up.|