GDPR Policy

1. Data Protection Principles:

​

Certified Installers Limited adheres to the following principles for the processing of personal data:

​

• Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and in a transparent manner.

• Purpose limitation: Personal data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

• Data minimisation: We only collect personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

• Accuracy: We take reasonable steps to ensure that personal data is accurate and kept up to date.

• Storage limitation: Personal data is kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

• Integrity and confidentiality: We process personal data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage.

​

2. Data Collection and Processing:

​

Certified Installers Limited collects and processes personal data for specified purposes, including but not limited to:

​

• Managing customer accounts and inquiries

• Providing products and services to customers

• Marketing and promotional activities

• Recruitment and employment purposes

We only collect personal data that is necessary for these purposes and obtain explicit consent from individuals where required.

​

3. Data Security:

​

We implement appropriate technical and organizational measures to ensure the security of personal data and protect it from unauthorized access, disclosure, alteration, or destruction. This includes encryption, access controls, and regular security assessments.

​

4. Data Subject Rights:

​

Certified Installers Limited respects the rights of data subjects under the GDPR, including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object to processing. We provide mechanisms for data subjects to exercise these rights and respond to requests in a timely manner.

​

5. Data Transfers:

​

Any transfers of personal data outside the European Economic Area (EEA) are conducted in compliance with GDPR requirements, including the use of appropriate safeguards such as standard contractual clauses or adequacy decisions.

​

6. Data Breach Notification:

In the event of a personal data breach, Certified Installers Limited will notify the relevant supervisory authority and affected data subjects in accordance with GDPR requirements.

​

7. Data Protection Officer (DPO):

Certified Installers Limited has appointed a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and acting as a point of contact for data subjects and supervisory authorities.

​

Conclusion:

Certified Installers Limited is committed to GDPR compliance and the protection of personal data. This policy is regularly reviewed and updated to ensure ongoing compliance with GDPR requirements and best practices in data protection.

​​

​

Ivan Tully 5th March 2024

Director