The EU General Data Protection Regulation (GDPR) is a significant piece of European legislation which will come into force on 25 May 2018. It builds on existing data protection laws, strengthening the rights that EU individuals have over their personal data, and creating a single data protection approach across Europe.
Alpha Scan is focused on its GDPR compliance responsibilities and gained Cyber Essentials Certification in July 2017. During our compliance process, Alpha Scan Computers Limited constantly evaluate new requirements and procedures governed by GDPR and will take any action necessary to ensure that we handle all data in compliance with the applicable law.
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy
Alpha Scan is committed to meeting any contractual obligations for procedures, products and services and is approaching GDPR compliance including the following:
1. To ensure our own compliance as a company that holds and processes people’s personal data.
2. To ensure our partners and suppliers adhere to the highest standards of compliance and GDPR regulation.
3. To ensure that our service solutions all support our customers’ GDPR compliance efforts.
4. We will review/ refresh and develop our range of policies our GDPR compliance obligations including (but not limited to) Data Breach Policy, Business Continuity Plans, DPO appointment, Subject Access Requests, Individuals Rights, ICO Good Practice
5. Data Impact Assessments & Data Inventory: we are already undertaking a systematic review of the data we store, manage, maintain, collect, process and control. This includes offline storage and paper records. Assessments of the data will review information flow, any data transfers, risk reviews, and structural position in relation to Lawfulness, Purpose, Minimisation, Accuracy, Consent, Limitation, Integrity & Confidentiality, Record Keeping and Accountability.
6. We will undertake training across the company on the GDPR and its impact on the new policies, procedures, and responsibilities of staff & stakeholders in this new regime.
7. Running alongside the work already undertaken Alpha Scan will be reviewing the controls in including gap and risk analysis.
8. Where relevant we will supplier & partner relationships using all reasonable endeavours to ensure that our third party and suppliers arecomplying with the GDPR regulation.
9. Constant reviews of our technology platforms to analyse their operation, security, compliance in order to ensure that they meet GDPR compliancy.
GDPR Compliance Statement
All data held in the UK by Alphascan Computers Limited is governed by the UK Data Protection Act 1998 until 25th May 2018, when this will be replaced by the EU General Data Protection Regulation (GDPR). For the purpose of the General Data Protection Regulation (“GDPR”), Alpha Scan Computers Limited are the data controller of information collected. This Policy sets out the basis on which any data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Information we may collect from you or Information you give us:
• Information about yourself/your company including your full name, title and postal address, contact information including email address.
• We will not collect any personal information without your prior knowledge or permission.
• If you email or contact us, we may keep a record of the correspondence or keep your message, emails address and contact information to respond to your request.
• We will only ask you to provide information about yourself/company when necessary for a specified purpose.
Information we collect about you:
• Each time you visit our website we may automatically collect the following information:
• Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Where we store your data:
• The data that we collect from you will not be transferred to, and stored at, any destinations outside the European Economic Area (“EEA”). It will also only be processed by staff operating inside the EEA who work for us. Such staff maybe engaged in, among other things, the fulfilment of our services to you or the processing of your payment details. By submitting your company/personal data, you agree to this transfer, storing or processing.
of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security safeguards (both electronically and physically) to try to prevent unauthorised access or disclosure.
Information you give to us will be used by us:
• To carry out our obligations arising from any contracts entered into between you and us.
• In communicating with Alphascan Ltd, you agree to our contacting you in connection with your enquiry, however, receipt of such a communication, does not mean that you have been added to any mailing lists.
• To notify you about changes to our service or contact you where necessary if (for instance) you have requested information regarding the services that we provide or have made a specific enquiry.
• To administer, support, improve and develop our business or contact you for your views.
• To ensure that content from our website is presented in the most effective manner for you and for your computer/ device.
All employees will be provided with the relevant training so they are aware of all GDPR procedures, restrictions and the right to be forgotten.