MIM Systems GDPR Key Facts
GDPR Compliance Information
This page details the information we hold and process that could conceivably be classed as 'personal data' under the terms of the GDPR. The vast majority of the personal information we hold concerns individuals in their professional capacity, and is used by us solely to facilitate and maintain a professional relationship with those individuals and the organisations they represent.
If you're looking for information on the ways in which our Time & Attendance Systems relate to the GDPR, please click here.
GDPR Contact Information
Business Name | Motor Industry Management Systems Limited |
Assigned Data Controller Employee | Kevin Churn |
Data Controller Telephone Number | +44 (0)1246 267715 |
Data Controller Email | gdpr@clockrite.co.uk |
In this article
- The data we hold, and how we use it
- Data shared with third parties
- How we ensure your data is secure
- How long we hold data for
- Your rights under the GDPR
Not what you're looking for? Click here to go back to the Portal
The Data we hold, and how we use it
We may process personal data as far as it pertains to our prospective or ongoing business relationship with your company. Most data is held and processed on legitimate interest grounds, in such a way as would reasonably be expected, and without unnecessary intrusion. This data is processed with the sole aim of providing the best possible service to you and your company, from initial enquiry, to purchase, to aftercare. If you'd like to learn more about what we mean by legitimate interests, please click here.
CRM Database:
- The contact names of those directly involved in the purchase and ongoing operation of the ClockRite System
- Titles and departments of contacts, if provided
- Landline and/or mobile telephone numbers, as provided
- Email addresses, as provided
- Business billing and shipping address
- Business details, including size of business and industry sector
- Referral information, including the date of initial enquiry
- Details of interaction between MIM Systems and contacts, including enquiry, sale, and support. In all cases these details are concise, focused, and pertain only to the matter at hand
Accounts and Invoicing
- Relevant contact names
- Business billing and shipping information
- Previous invoices and method of payment
We do not store any bank account or credit card details.
Remote Support
Due to the broad definition of 'personal data' and the 'processing' thereof under the GDPR, our Remote Support service falls under its legislation. Please click here for a detailed breakdown of how we conduct our Remote Support and how this relates to the GDPR.
ClockRite Website
In addition to data supplied by you during the course of an order or enquiry we may collect limited data, with your consent, through the use of cookies on our website. Please see our cookie and privacy policies for more information pertaining to use of the ClockRite Website.
Data shared with 3rd party/external sources
We've listed the circumstances under which data passes to third parties below. Information only passes to third parties for legitimate business reasons, such as taking payment for an order, managing our interaction with you via email, and providing remote support. We've taken care to ensure all third parties we deal with are GDPR compliant.
Telephone Payments | Any payments taken over the phone are processed using the Cardsave Payment gateway. Cardsave is a product of Worldpay, and you can read their privacy policy here. |
Website orders | Web orders are processed using Stripe. You can read their privacy policy here. More detailed information about data that may be collected when you use our website can be found in our privacy policy. |
Communicating via Email | Our emails are hosted by Helpscout. You can read their privacy policy here, and they also have some great information on the steps they've taken to ensure GDPR compliance. |
Providing Remote Support | We use TeamViewer to provide remote support, and have a dedicated page covering our use of the platform. You can read Teamviewer's own statement on GDPR here, and their privacy policy here. |
MIM Systems Installation Engineers | Where applicable our contracted engineers will hold basic client contact data. Some clients may opt to have basic employee details pre-loaded into their ClockRite System prior to installation. Our engineer will keep this data until the day of the installation in a password protected database, after which point it will be deleted. Where applicable, consent for this is received via our standard excel installation documentation. |
How we ensure your data is secure
- All data in our CRM, Accounts, and Invoicing programs are held on our secure internal network.
- All PC's, devices and software applications used on our internal network are secured with a password.
- All staff adhere to our privacy, security, and confidentiality policies.
- Where data has been transferred to us via email, our email communication system provider is PCI compliant and supports TLS v1.2. Emails cannot be viewed by third parties.
- Where data has been transferred to us during a remote support session it will only be stored until the conclusion of the support issue, after which it will be erased.
How long we hold data for
Existing Customers |
|
Past Customers |
|
Active Prospects |
|
Website Visitors |
|
|
Your Rights under the GDPR
You have the following rights under law in regard to the collection and use of your personal information.
- The right to be informed about the collection and use of your personal data
- The right of access to your personal data
- The right to request that inaccurate or incomplete data is rectified
- The right to request the erasure of your data where there is no further reason for us to use it
- The right to restrict the use of your information
- The right to object to certain uses of your data
Your rights are listed here in summary only. If you wish to learn more about your rights and how they apply to your personal data you may find the following ICO guidance useful:
Should you wish to exercise any of these rights you can do so at any time by contacting us at gdpr@clockrite.co.uk, or by writing to us at the following address:
MIM Systems Ltd, Dunston Innovation Centre, Dunston Road, Chesterfield, Derbyshire, S41 8NG
In some cases we are permitted to charge a small administrative fee in responding to such requests.
If you feel that your rights have been breached in any way you should contact our assigned Data Controller, Kevin Churn, through either method listed above. You may also lodge an official complaint with the Information Commissioners Office via their website, or in writing to: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF