Hub-4 Ltd take data protection very seriously and operate in full compliance with GDPR requirements.
Data is provided by the client in order for Hub-4 Ltd to deliver provision of services.
We only collect this data to provide services which have been instructed by the client.
Data processing is necessary for us to meet contractual obligations with the client.
The data is only utilised by Hub-4 and data is not shared with third parties.
All data collected can only be accessed by authorised people for the appropriate purposes for which they have access.
Data protection is an essential component of the core functionality of our processing systems and services.
We consider data protection as part of the design and implementation of systems, services, products and business practices.
Risks and privacy-invasive events are anticipated before they occur, and take steps to prevent harm to individuals. In the event of a data breach, the client and ICO will be informed.
Personal data is automatically protected in any IT system, service, product, and/or business practice, so that individuals should not have to take any specific action to protect their privacy.
We only use data processors that provide sufficient guarantees of their technical and organisational measures for data protection by design.
When we use other systems, services or products in our processing activities, we make sure that we only use those whose designers and manufacturers take data protection issues into account.
We retain data in accordance with the GDPR whereby data is held for no longer than is necessary.
Data that has a legal implication is kept for eight years unless otherwise instructed by you or your employer.
The right to be informed: You have the right to be informed about the collection and use of their personal data. We provide individuals with privacy information at the time we collect their personal data from them.
The right of access: You have the right to access and receive a copy of their personal data, and other supplementary information. We have processes in place to ensure that we respond to a subject access request without undue delay and within one month of receipt.
The right to rectification: The UK GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. We have processes in place to ensure that we respond to a request for rectification without undue delay and within one month of receipt.
The right to erasure: The UK GDPR introduces a right for individuals to have personal data erased. We have processes in place to ensure that we respond to a request for erasure without undue delay and within one month of receipt.
The right to restrict processing: Individuals have the right to request the restriction or suppression of their personal data. We have processes in place to ensure that we respond to a request for restriction without undue delay and within one month of receipt.
The right to data portability: The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. We can transmit personal data in structured, commonly used and machine readable formats.
The right to object: The UK GDPR gives individuals the right to object to the processing of their personal data in certain circumstances. We have processes in place to ensure that we respond to an objection without undue delay and within one month of receipt.
Rights in relation to automated decision making and profiling: We carry out a DPIA to consider and address the risks before we start any new automated decision-making or profiling.
|Data Processing System
|Bridge House, Forresters Business park. Plymouth PL6 7PL
|Personnel identified by client
|E Mail/ First Name/ Last name/ location/ department or other data provided that is essential to the provision of services
|Republic of Ireland EU
|ZA204812 under GDPR with the Information Commissioners Office to process data
|Hub-4 Ltd Data Officer
You can register a complaint about our handling of your personal data with the ICO, who are the UK’s supervisory authority for GDPR. ico.org.uk/make-a-complaint.