Data controller & Data Processor
PSCL is both a data controller and a data processor.
As a data controller we will hold and process a limited amount of information about you and your organisation.
As a data processor we may also receive from you, process under contract and then delete data within given timescales. This data will relate to you and your customers/members – for example your members/staff/clienteles’ specific information.
On what basis do we collect and process your data?
As a controller:
We collect information about you, our clients or prospective clients in order to process your order, manage your account and if you agree by consenting at point of collection, to email or mail you about our products and services. We also collect information when you voluntarily complete customer surveys and provide feedback. Our data is processed in the UK. The lawful basis on which we process your data is in the legitimate interests of PSCL. In identifying this lawful basis, we have conducted a ‘Legitimate Interest Assessment’ in order to be satisfied that the interests of PSCL do not override your own legitimate rights and freedoms.
There may be other personal data we collect through our ongoing relationship as client and supplier. This personal information is held and processed on our internal IT system and cloud-based accounting system should you need a formal quotation and/or become a paying client. The personal data we collect is purely for the provision of services that you procure.
As a processor;
All data processing is done under contract and therefore will have been agreed prior to starting any work. By undertaking this processing, it allows our customers to have information printed on materials. Under no circumstances is this data transmitted to other organisations or individuals, unless explicitly instructed to within the terms of the contract. The data is destroyed after a specific time frame as stated in the contract with the exception of proofs of the work which are retained for justifiable legal reasons.
The processing of client data is undertaken in order to work commercially in conjunction with each other. If processing this data were not permitted, then the company could not operate and provide services.
PSCL has conducted a Legitimate Interest Assessment and concludes that there is a justifiable necessity to process personal data under this purpose and that the balance of rights of the Data Subject and PSCL have been reviewed.
PSCL may process sensitive data in its capacity as a data processor but not as a data controller.
Categories of Data
In most cases, PSCL processes non-sensitive data. We process: Name, Address, Telephone numbers, email address, bank account details.
However, as a processor we are reliant on receiving information from our clients. Therefore, content of this data is not prescribed by PSCL. We will only process the data based on the client’s requirements and as detailed under contract. Should some medical information or other sensitive data be included on any materials that we produce, then this is the client’s choice and not that of PSCL. As the data is classed as sensitive, we implement robust procedural and technical processes to ensure the data is processed legally and securely.
Any personal data we collect, hold and process is retained within our own company servers based in the UK and on our cloud-based accounts platform, Xero. They reside their data centres in the USA and are bound by the USA Privacy Shield Framework and we have a data processing Addendum with them. Internally access to data is restricted to those who have a legitimate reason to retrieve it, e.g. company directors and account managers.
During processing and our backing up processes, personal data may be transferred to sub processors. We have obtained signed GDPR compliant agreements from each of these organisations.
As a data controller;
The data we collect directly from you is the minimum we require to facilitate the lawful processing described above. Personally Identifiable Data placed on our system will be deleted as soon as practicable after termination of a commercial contract between us and in any case within 12 months. Personal data collected and processed for Finance purposes will be held for the maximum time as determined by any legal requirement.
If you have consented to receive marketing information from us, we will retain your contact details for as long as that consent lasts.
As a data processor;
The data we are sent from you is required to perform the services detailed in the contract. Personally Identifiable Data placed on our system will be deleted as soon as practicable after termination of a commercial contract between us and in any case within 2 months. Hard copy proofs sent via email and approved by you the customer, will be retained for historic records, should the job be repeated. The email’s themselves will be archived systematically over time.
Your rights as a data subject
The regulations provide a number of rights to you as the Data Subject. PSCL is committed to upholding those rights and those applicable to the personal information we collect and process are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk. A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/
Automated decision making
PSCL does not conduct any profiling or automated decision making.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
How to contact us
Pass Sport Control Limited, 43 Lambs Farm Road, Horsham RH12 4DB