General Data Protection Regulation (GDPR) 2018
Introduction – on 25th May 2018 the new General Data Protection Regulation (GDPR) will come into
force. Monocon International Refractories Limited hold personal data on our customers, suppliers
and third parties in order to provide our services. Any information we hold which is not relevant will
be deleted in a secure and appropriate manner. We will only collect, store and process personal
information acquired which is relevant to the service we provide. This document details the personal
data that we may retain, process and share with others relating to your business and your
employees. We are committed to ensuring all information held is secure, accurate and relevant. To
prevent unauthorised access or disclosure of this data we have implemented suitable physical,
electronic and managerial procedures to safeguard and secure all of the personal data we hold.
What Does This Notice Cover
This Privacy Information explains how we use your personal data: how it is collected, what type of
information we collect , and how it is processed.
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the
“GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly
identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified.
Personal data covers obvious information such as your name and contact details.
Data
The information we collect about you
During negotiations/conversations/communications with us, such as discussing prices, terms and for
the term that you are a customer and/or supplier, we may process personal information about your
company, your employees and other individuals whose personal information has been provided to
us.
The types of personal information we may process include:
- Identification data, not limited to: name(s), gender and Company registration numbers
- Contact details, not limited to: home/business addresses, telephone and email addresses
- Customers Employee details, not limited to: job title/position and office location
- Supplier Employee details, not limited to: job title/position and office location
- Background information, not limited to: Business type and Company principles
- Financial information, not limited to: Banking details, Tax information, Credit reference checks
We do not require and do not access or store any sensitive personal data relating to you as an
individual, your business or your employees.
Purposes for processing personal information - our legal bases for collecting and using the personal
information described above will depend on the personal information concerned and the specific
context in which we collect it. However we will normally collect personal information from our
customers and suppliers only where we have your consent to do so or where we need the personal
information to perform a contract with you. We have policies, systems and controls in place to strive
to ensure your data is not lost, accidentally destroyed, misused or disclosed and is not accessed
without authorisation and only accessed, used or shared for specific legal purposes.
If you require further information concerning the legal basis on which we collect and use your or
your company and employee personal information, please contact us.
Contractual purposes - we store and use this personal information when it is necessary for the
provision of our services, in line with the purposes agreed upon between you, our customer and
supplier businesses and their employees and us.
Legal purposes - we may use personal information where it is considered necessary to comply with
the law under judicial authorisation or in response to lawful requests by public authorities - example:
for enforcement purposes.
Legitimate interest - we may also gather, store and use personal information when it is necessary
for other legitimate purposes, such as to assist us to conduct our business more effectively and
efficiently.
Who we share personal information with - we will only allow access to personal information to
those who require such access to perform their tasks such as: delivery of goods, making a claim for
damaged goods etc.; this is completed on a ‘need to know’ basis with appropriate security measures
in place. This is done in accordance with the applicable data privacy law.
Transfer of personal information abroad – we may need to transfer personal information to other
countries outside of the UK – example: delivery details including your contact, your company or your
employee contact details.
Data retention periods - personal information on you, your company and your employees will be
retained for the length of time you are a customer and/or supplier of Monocon International
Refractories Limited and for six years thereafter, as required by applicable law.