How we handle your data
We believe in everyone's right to privacy and we have strict privacy protection controls in place to protect the privacy of us, our members and the clients of our members. All data we process will be handled in accordance with the policy outlined below.
For clarity; we use the following terms in this document:
a. We do not collect or store personally identifiable data for regular users of our website except those required to make our website function.
b. Our website logs are stored for 30 days which may, when linked with other data be used to identify a person who has communicated with our website. We will only use this method of data linking for providing security to our website and online company operations.
c. We collect, store and use anonymised data to help us identify the way people interact and use our website which will help us improve our service in the future, however this data will not be linked to any person or organisation.
d. We collect, store and monitor requests for document validation against anonymised records to aid with [1b] of this policy.
a. We collect, store and process member data for the purpose of providing our service. This will include names, addresses and other data we collect from members using forms on our website and by collecting data in-fied.
b. We will collect and temporarily store data for a member's client in order to process an inspection and conduct an audit on a member. This data will consist of a name and address, along with potentially other personal and property data. We will hold and process this data for a period no longer than is neccessary to generate the required reports, at which time client data shall be anonymised into a identification string.
c. We shall hold [2a] for a period of no less than the duration of the membership plus 12 months. After which time data shall be removed from our platform.
d. We shall hold [2b] for a period of no more than 30 days from the completion of an inspection report.
e. We shall collect and hold records of member registration and engineer data for a period of no less than the time of the membership plus 12 months.
a. Data passed to our document generators shall be held only for the purpose of validation and generation of the document.
b. Documents generated shall remain on our systems for no more than 24hrs, at which time all data shall be anonymised or destroyed from our disks.
c. We hold an anonymised data log of all data being provided for the generation of documents which shall not exceed 12 years from the date of creation , this allows us to validate generated documents for years to come.
d. Generated documents shall not include any personally identifiable member client information.
e. Generated documents may include personally identifiable information regarding issuing engineers and businesses when linked with other data sources.
a. Email records are held for a maximum period of 2 years from the date of the last enquiry when raised from a non-member email address.
b. Email records from registered member email addresses shall be held for a period of no more than 2 years after the last enquiry once a member has ceased to be active with ourselves.
a. Records of phone calls are held with us for a period of 12 months after the phone call has completed.
This section has been purposely left blank.
a. We shall store all personally identifiable data within password encrypted databases that remain encrypted at rest.
b. We shall utilise anti-virus and intrusion protection methods to help protect personal data from unwanted exposure.
c. Only persons within LGSR authorised to and with a genuine need shall be permitted access to personal data shall be granted access to any encrypted data.
a. We may share data gathered by ourselves with associated members where a link and need can be identified between a client and a member.
b. We may share personally identifiable data of both members and clients with relevant authorities and legal entities when requested to do so and where a legitimate reason can be established.
c. We may share gas connected data along with limited personally identifiable data such as addresses with Gas Safe Register or authorised persons of the HSE in order to maintain our duty of care.
d. We shall not knowingly share any personal data with any person that does not have an identified and genuine need for the data we hold.
e. We will never use any client or member data for the purposes of marketing or sales.
a. Any person(s)/group(s) may request data that we hold for them at anytime. This process is free and may take upto 5 working days to provide.
b. Any person(s)/group(s) may request error correction on the data we hold on them by submitting a request in writing.
c. Any person(s)/group(s) may request data to be anonymised at anytime we hold on them by submitted a request.
d. Personally identifiable data that no longer has use within our service shall be removed automatically or anonymised as soon as no need to hold real data is ascertained.