Login / Register
The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR), which will be effective from May 25, 2018. Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU.
Huws Gray’s commitment
Huws Gray is committed to high standards of information security, privacy and transparency and we place a high priority on protecting and managing data in accordance with accepted standards.
Huws Gray operates as both a data controller and processor in relation to personal data it processes. In doing so Huws Gray will complies with all applicable regulations under the GDPR, while also working closely with our customers and partners to meet contractual obligations for our procedures, products and services.
Huws Gray is analysing its business operations to ensure it meets its obligations under the GDPR and is making any changes where necessary.
During our implementation period for the GDPR, we are evaluating new requirements and restrictions imposed and will take any action necessary to ensure that we handle all personal data in compliance with applicable law by the 2018 deadline.
Please be assured that Huws Gray has no necessity to collect and process personal/business information beyond what is required for the functioning of our contractual obligations with our customers and suppliers and legitimate interests in marketing our products and services. Where appropriate we will only market to consumers who have consented unless we have legitimate interests to do so.
Huws Gray has a dedicated GDPR action group made up of its Compliance Officer and Management Team who are overseeing Huws Gray’s GDPR readiness. Huws Gray’s ongoing compliance efforts include:
Huws Gray has reviewed where and how we collect, use and store personal data and we are updating policies, standards, training and documentation where required. We are working to ensure the accuracy of personal data and enabling it to be erased or rectified in accordance with our obligations. Our aim is to limit the use and storage of personal data wherever possible.
- Contractual commitments
Working in conjunction with our partners and customers, we are reviewing our contractual commitments and updating these as needed to comply with GDPR requirements. We are also reviewing supplier contracts to ensure GDPR compliance throughout our supply chain.
- Employee awareness
All Huws Gray employees will complete data privacy and security awareness training.
In addition to these training requirements, Huws Gray conducts ongoing monitoring and spot checks to ensure that processes are implemented.
Huws Gray are CyberEssentials accredited (https://www.cyberessentials.org).
Your information and how it is stored and processed
For information on what information we collect and how it is used, please see our privacy policies on the links below. We have also included a link to our data protection policy which contains information on how the information is stored and protected.
Data Protection Policy: https://www.huwsgray.co.uk/shop/privacy-data
If you have any further questions regarding data protection please contact our Compliance team on firstname.lastname@example.org