GENERAL DATA PROTECTION REGULATION
Mike Speak Associates prides itself upon and is committed to good practice in conducting its business ethically and in accordance with all applicable principles, laws and regulations, including the GDPR (General Data Protection Regulation).
Mike Speak Associates expects this commitment to be shared by any and all others involved, in any connection, in provision of the Structural Engineering Service it provides.
The GDPR legal requirements – which come into effect 25 May 2018 – provide you with greater protection of and control over your personal data and digital privacy.
Mike Speak Associates is registered with the ICO (Information Commissioners Office) – Registration No: ZA441147
We collect, store and process only sufficient personal data essential to supply you with the high quality, cost effective professional structural engineering service you engage us to provide. We do so in accordance with legal and professional requirements and in line with the GDPR ‘Legitimate Interest’ category. We therefore ensure that your data privacy and rights are respected and protected and we pledge never to misuse your data.
How We Obtain Your Personal Data
- Referrals from Architects, Surveyors, Building Inspectors, Property Developers, Builders and former clients.
- Enquiries received via:
|Our website www.structualengineeringsolutions.co.uk;|
Institution of Structural Engineers’ Find an Engineer website https://www.istructe.org/finding-a-structural-engineer
Local Surveyors’ website https://www.localsurveyorsdirect.co.uk
|) For one-time capture of data|
) when you send us enquiries.
) These are forwarded to our
) MS Outlook email account.
|Direct email and telephone contact from you|
Personal recommendations from others
Data We Store
|Name & Address|
|Website (if applicable)|
How We Process Your Personal Data
We process your data in connection with provision of the professional Structural Engineering service you engage us to provide strictly in accordance with all legal & professional requirements. We use your data to communicate with you by email, telephone and post; also in connection with our financial accounting.
Lawful Basis for Processing Your Data
Legitimate interest in connection with the Structural Engineering Service you engage us to provide.
Who Has Access to Your Personal Data
Only the Data Controller has access to your securely stored personal data.
Third Party or Publicly Available Sources We Employ
We contract with the following third party or Publicly Available Sources to supply our Structural Engineering Service to you:
|Daisy Telecoms: Phone & broadband;|
Krystal: Web hosting & email;
ESET Endpoint: Antivirus & firewall
Kamazoy IT: Computer Security
|Microsoft: Outlook; Word; Excel|
Vodafone: Mobile smart phone.
How We Store Your Personal Data
We store your personal information within secure physical and electronic systems.
How We Protect Your Personal Data
- Filing cabinets locked & accessible only by Data Controller;
- Secure archive files accessible only by Data Controller;
- PC password, antivirus & firewall protected/locked. Accessible only by Data Controller and Kamazoy IT/
- Computer Security;
- Mobile phone (Samsung S5) password protected & locked. Accessible only by Data Controller;
- Automatic storage of incoming & outgoing phone numbers on Gigaset landline;
- Incoming answerphone messages received on Gigaset landline;
- In addition, our computer systems are continually monitored by Kamazoy IT/Computer Security.
How We May Share Your Personal Data
We share your personal data only as strictly necessary in accordance with the service you engage us to provide; ie:
- With any Associate of Mike Speak Associates involved with carrying out work on your behalf;
- With relevant industry specialists such as the Architect, Surveyor, Building Control/Building Inspector, Property Developer, Builder etc, and
- In line with legal and professional requirements.
The only time we would divulge any personal client information to any other external source would be if legally required to do so.
How Long We Keep Your Data
We store your data for a minimum of 7 years (in accordance with industry standard and to meet legal/professional requirements).
How We Destroy Your Data
- Manual deletion of computer records.
- Cross shredding of paper records
- Manual deletion of landline and mobile incoming & outgoing phone numbers, plus answerphone messages retained only as long as necessary to fulfil requested Structuring Engineering Service.
Our secure storage technologies and precise procedures regarding storage, access and management of personal data meet the GDPR compliance requirement.
In Case of a Data Breach
Should we ever discover a data breach we will immediately comply with GDPR and notify all relevant parties/authorities.
Your Rights under GDPR/How You Can Exercise Them
You can exercise your rights by contacting Mike Speak Associates or if necessary the European Data Protection Supervisor firstname.lastname@example.org.
We do not use auto decision making/profiling and we do not use your data for marketing purposes.
- email us at email@example.com
- Contact us through our website www.structualengineeringsolutions.co.uk or
- Write to us at Mike Speak Associates, County House, St Mary Street, Worcester WR1 1HB.
- We will acknowledge any such request as quickly as practicable but, before acting upon it, we must first confirm your identity and then check:
- If the request is reasonable;
- Whether acceding to your request could impact on other individuals’ personal data/rights;
- Also that there are no legal, regulatory or contractual requirements to retain the data in its current form (including ensuring that a request to delete data does not breach our legal or professional responsibilities).
We will then carry out your request as quickly as practicable and confirm completion of the requested action(s) or explain why we could not do so.
We encourage you to check this Policy from time to time. Version numbers and dates of revisions will be shown in the footnote of this document.
DPPP v1 22.5.18