This privacy policy sets out how Greycar Ltd uses and protects any information that you give Greycar Ltd.

Greycar Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 24th May 2018.

AN INTRODUCTION
In the simplest terms, GDPR (General Data Protection Regulation) is a new privacy law introduced in the UK on 25th May 2018. It protects users from unauthorised data collection by requiring explicit consent. If data is being collected and stored, the individual providing the information needs to be aware of it and give permission before any action is taken. Along with providing permission to collect data, the GDPR also requires that users are able to request access to their data and have it removed if requested.

GDPR – THE BASICS
Personal Data
We hold your Personal Data under secure conditions using the following software which is GDPR compliant – Mailing Manager (Marketing platform for small businesses).

Consent
We are using the grounds of Legitimate Interest to maintain contact with our existing pre-May 25th 2018 CRM database. All new clients will be asked to positively opt-in after this date.

Breach Notification
As required, we will inform contacts of a data breach within a 72-hour window of becoming aware of the occurrence of a data breach.

Right to Access
Greycar Ltd will provide confirmation as to whether or not personal data concerning you is being processed by us, where the data is being stored and for what purpose. Furthermore, we shall provide a copy of the personal data, usually free of charge, in writing.

Right to be Forgotten *
The right to be forgotten entitles you to obtain from the controller the erasure of any personal data without undue delay and to stop any further distribution of the data.

* Warning once we delete all your records, we will not be able to monitor your name should you then re-appear via a request for a quote or other information.

Data Portability
GDPR introduces data portability; the right for a data subject to receive the personal data concerning them, which has previously been provided in a ‘commonly used and machine-readable format’, and to have the right to transmit that data to another company or organisation. It’s really about ‘transferring’ data between suppliers. e.g. allowing a customer to switch bank or insurance provider easily, without having to set everything up from scratch. Greycar Ltd is not involved in this type of information sharing, we will only pass your information on for delivery purposes.

MARKETING PLATFORMS & ACTIVITIES
Our marketing platforms and activities are compliant with GDPR going forward.

At Greycar Ltd we use Mailing Manager for all of our client email marketing communications – primarily our monthly Newsletter.

Our Newsletter signup forms are incorporated into our website; they collect the name and email address. When data is collected via a Newsletter signup form, the relevant permission data is then stored within our Mailing Manager list and is compliant with the new record keeping regulations. At the point of information collection, we will make it clear to users how and where we will be storing your information and how we will be using it.

The option to unsubscribe is also present inside each email communication sent via the Mailing Manager platform and is managed accordingly directly in our Mailing Manager list.

CONTACT DETAILS
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to us or emailing us at info@greycar.com