General Data Protection Regulations (GDPR)

Compass Safety Services Ltd has undertaken a thorough review of its systems, processes and procedures to ensure compliance with the new GDPR (General Data Protection Regulations).

Looking after the personal and professional information you share with us is very important, and we want you to be confident that your data is kept safely and securely and to understand how we use it.

We have published this notice to help you understand

How and why we collect information from you

Who we share your information with

What your rights are

If we make changes to this notice we will notify you by updating it on our website.

Compass Safety Services Ltd (Compass safety Ltd) will be what is known as the ‘Data Controller’ of the data you provide to us, and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means we determine the purposes and way in which any personal data is, or will be, used.

Should you need to contact us with any questions regarding your data, please write to:
Compass Safety Ltd, 8A Station Road, Brough, East Yorkshire, HU15 1DY, or email info@compasssafetyltd.com

What information we collect and why?

When you give us your business card contact us or enquire about our services we hold your contact information (including but not limited to your name, email address, telephone number, mobile number, company name and address).

When you receive our services in exchange for payment we securely hold your banking information in password protected files and on our on-line banking platform, provided and protected by HSBC. Clients invoices are never printed in hard copy and remain digitally secure.

We do not use cookies to gather information from our devices (mobile or desktop) 

How we store your information?

All personal data (including, but not limited to, those fields named above), is held on our secure IT network.  Access to our IT network and its backups is strictly controlled through passwords.  

When you receive our services in exchange for payment we securely hold your banking information in password protected files and on our on-line banking platform, provided and protected by HSBC. Clients invoices are never printed in hard copy and remain digitally secure.

Mobile communications (voice and data) are fingerprint and password protected.

Any printed, hard copy of your information or data is securely held in our office.

How we use your information?

Data Protection regulations and laws allow us to use and share your data only where we have a proper reason to do so.

The law says we must have one or more of these reasons and these are:

Contract - your personal information is processed in order to fulfil a contractual arrangement e.g. services are on a retainer basis and updated information is being given.

Consent – where you agree to us using your information in this way e.g. for storing your payment details.

Legitimate Interests - this means the interests of Compass safety Ltd, in managing our business to allow us to provide you with the best services in the most secure and appropriate way e.g. to transfer your data to certain approved third parties such as external training providers or suppliers.

Legal Obligation – where there is statutory or other legal requirement to share the information e.g. when we have to share your information for law enforcement purposes.

Here is a list of the ways that we may use your personal information, and of the reasons described above we rely on to do so. Where we list legitimate interests as a reason, we also describe below what we believe these legitimate interests are.

GDPR data table.jpg

Who we share your information with and why

Compass Safety Ltd works with a number of trusted external suppliers, including training, hardware, software and equipment, to ensure we can provide our clients with the services they require.


Debt recovery and fraud prevention services - Before we provide services to new clients we reserve the right to undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks may require us to process personal data about you and your company.

The personal data will be used to prevent fraud and money laundering, and to verify your identity.

Details of the personal information that may be processed include, for example: name, address, date of birth, contact details, financial information, employment details.

We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.

We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.

We process your personal data on the basis that it is necessary in the public interest or in exercising official authority for us to prevent fraud and money laundering, and to verify identity, in order to protect ourselves and to comply with laws that apply to us.

Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

Your Rights - Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data. 

For more information or to exercise your data protection rights, please contact us using the contact details above. You also have a right to complain to the Information Commissioner’s Office, which regulates the processing of personal data. 

Keeping in touch with you - We want to keep you up to date with information about new services and offers and improvements to our website.

If you decide you do not want to receive marketing information you can request that we stop, by writing to the address provided above, by emailing info@compasssafetyltd.com or by calling 01482 668516 and simply requesting we remove your details for our mailing lists.

You may continue to receive mailings for a short period while your request is dealt with.

How long we keep your information?

If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.

We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under How we use your information above. The only exceptions to this are where:

The law requires us to hold your personal information for a longer period, or delete it sooner;

You exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law;

We bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or

In limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.

What are your rights?

You are entitled to request the following from Compass safety Ltd, these are called your Data Subject Rights and there is more information on these on the Information Commissioners website (www.ico.org.uk)

Right of access – to request access to your personal information and information about how we process it

Right to rectification – to have your personal information corrected if it is inaccurate and to have incomplete personal information completed

Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.

Right to restriction of processing – to restrict processing of your personal information

Right to data portability - to electronically move, copy or transfer your personal information in a standard form

Right to object - to object to processing of your personal information

        Rights with regards to automated individual decision making, including profiling – rights relating to automated decision          making, including profiling

If you have any general questions about your rights or want to exercise your rights please send an email to info@compasssafetyltd.com


You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website www.ico.org.uk where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.

Cookies

Cookies are small text files that are stored on your browser or the hard drive of your computer or other device when you visit a web-site. This allows the web-site to recognise you as a user either for the duration of your visit or for repeat visits. They are not harmful and do not contain any information such as your home address, date of birth or credit card details.

Compass Safety Ltd do not use cookies for any form of information retrieval.

We do not share your data with any media outlets, however our website is hosted by Squarespace, and in addition we have a social media presence on Facebook, Twitter, LinkedIn and Instagram, and these third parties may use cookies for analytical or targeting purposes.

Compass Safety Ltd has no control over the use of cookies by these third-party organisations or over any information they may hold from their service providers. Information about their cookie polices (and other their GDPR policies) are available on their websites.

By continuing to visit our web-site and any of our social media ‘pages’ you are accepting the content of the above paragraph