MIM Systems GDPR Key Facts
GDPR Compliance Information
This page details the information we hold and process that could conceivably be classed as 'personal data' under the terms of the GDPR. The vast majority of the personal information we hold concerns individuals in their professional capacity, and is used by us solely to facilitate and maintain a professional relationship with those individuals and the organisations they represent.
If you're looking for information on the ways in which our Time & Attendance Systems relate to the GDPR, please click here.
GDPR Contact Information
|Business Name||Motor Industry Management Systems Limited|
|Assigned Data Controller Employee||Kevin Churn|
|Data Controller Telephone Number||+44 (0)1246 267715|
|Data Controller Emailfirstname.lastname@example.org|
In this article
- The data we hold, and how we use it
- Data shared with third parties
- How we ensure your data is secure
- How long we hold data for
- Your rights under the GDPR
Not what you're looking for? Click here to go back to the Portal
The Data we hold, and how we use it
We may process personal data as far as it pertains to our prospective or ongoing business relationship with your company. Most data is held and processed on legitimate interest grounds, in such a way as would reasonably be expected, and without unnecessary intrusion. This data is processed with the sole aim of providing the best possible service to you and your company, from initial enquiry, to purchase, to aftercare. If you'd like to learn more about what we mean by legitimate interests, please click here.
- The contact names of those directly involved in the purchase and ongoing operation of the ClockRite System
- Titles and departments of contacts, if provided
- Landline and/or mobile telephone numbers, as provided
- Email addresses, as provided
- Business billing and shipping address
- Business details, including size of business and industry sector
- Referral information, including the date of initial enquiry
- Details of interaction between MIM Systems and contacts, including enquiry, sale, and support. In all cases these details are concise, focused, and pertain only to the matter at hand
Accounts and Invoicing
- Relevant contact names
- Business billing and shipping information
- Previous invoices and method of payment
Due to the broad definition of 'personal data' and the 'processing' thereof under the GDPR, our Remote Support service falls under its legislation. Please click here for a detailed breakdown of how we conduct our Remote Support and how this relates to the GDPR.
Data shared with 3rd party/external sources
We've listed the circumstances under which data passes to third parties below. Information only passes to third parties for legitimate business reasons, such as taking payment for an order, managing our interaction with you via email, and providing remote support. We've taken care to ensure all third parties we deal with are GDPR compliant.
|Providing Remote Support|| We use TeamViewer to provide remote support, and have a dedicated page covering our use of the platform.
|MIM Systems Installation Engineers||Where applicable our contracted engineers will hold basic client contact data. Some clients may opt to have basic employee details pre-loaded into their ClockRite System prior to installation. Our engineer will keep this data until the day of the installation in a password protected database, after which point it will be deleted. Where applicable, consent for this is received via our standard excel installation documentation.|
How we ensure your data is secure
- All data in our CRM, Accounts, and Invoicing programs are held on our secure internal network.
- All PC's, devices and software applications used on our internal network are secured with a password.
- All staff adhere to our privacy, security, and confidentiality policies.
- Where data has been transferred to us via email, our email communication system provider is PCI compliant and supports TLS v1.2. Emails cannot be viewed by third parties.
- Where data has been transferred to us during a remote support session it will only be stored until the conclusion of the support issue, after which it will be erased.
How long we hold data for
Your Rights under the GDPR
You have the following rights under law in regard to the collection and use of your personal information.
- The right to be informed about the collection and use of your personal data
- The right of access to your personal data
- The right to request that inaccurate or incomplete data is rectified
- The right to request the erasure of your data where there is no further reason for us to use it
- The right to restrict the use of your information
- The right to object to certain uses of your data
Your rights are listed here in summary only. If you wish to learn more about your rights and how they apply to your personal data you may find the following ICO guidance useful:
Should you wish to exercise any of these rights you can do so at any time by contacting us at email@example.com, or by writing to us at the following address:
MIM Systems Ltd, Dunston Innovation Centre, Dunston Road, Chesterfield, Derbyshire, S41 8NG
In some cases we are permitted to charge a small administrative fee in responding to such requests.
If you feel that your rights have been breached in any way you should contact our assigned Data Controller, Kevin Churn, through either method listed above. You may also lodge an official complaint with the Information Commissioners Office via their website, or in writing to: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF