Summary
When you get in touch with SuePA as your Virtual PA, your contact details, and any other information you provide, are kept secure and will not be passed on without your permission or unless required to do so by a legal obligation. The information will be used only as agreed for legitimate interests as agreed and for the purpose of working together.
My primary concern is about storing any access or data safely and your trust is important to me so I value your right to privacy.
Personal data will not be kept longer than necessary and will be destroyed securely when no longer required.
This document sets out how and where I collect, store and use your data.
If you require any further information or wish to exercise any of your data protection rights, you can contact me directly at sue@suepa.co.uk.
SuePA Data Protection is registered with the ICO – ref: ZA780313
This Privacy Policy was last updated on 25 August 2020.
What types of data does SuePA collect?
When you engage with my services the following data will be collected:
- Name
- Company Name and Address
- Contact Information – Phone, Mobile, E-Mail
- Financial Details for invoicing and payments
- Passwords (relevant to the services you need me to provide)
- Details of the work I have been asked to carry out
Due to being an administrator I may need access to data you hold. This administration access is needed to be able to provide Cloud Storage, Office 365, Backup and Support services and this level of access is always highly protected as detailed below.
What SuePA does with data collected
My services are always personalised to your needs, therefore the data I collect is necessary to ensure the best possible service and experience, to include:
- Making sure the systems works the way you work
- Internal audit processes
- Improvement of services
- Processing payments
The lawful basis on which I collect and process this data
- If you’re a customer – the consent of my services and legitimate interest
- If you have enquired about my services – either consent or legitimate interests will apply
How long is your data kept?
SuePA will keep your information for as long as I am providing you with a service or likely to provide a service due to an enquiry received.
If you no longer continue working with me, I will delete all sensitive data such as passwords and remove any kind of administration access I have. I will, however, retain company information about the work I have performed for insurance purposes. I will also retain contact details as needed for the accounts as required by HMRC.
If your data is collected and processed due to your enquiry about my services I will retain this information until you notify me that you no longer wish to receive information from SuePA or you ask me to remove it.
Data will not be stored for any longer than 7 years after the end of the financial year of when we last interacted.
Who has access to your personal data?
SuePA works with carefully selected service providers to carry out certain functions on my behalf to provide me or yourselves with services. Due to the nature of these services they may well access and store personal information on my behalf.
The providers SuePA uses are:
- Microsoft
- BT
- Apple
- Amazon
- TL Martin Ltd
- Stepping Stones Web Ltd
- DropBox
Any provider of services outside of the EU or GDRP accepted countries are either on the USA Privacy Shield or have GDPR compliant agreements (Standard Contractual Clauses) with me in the guise of how they will look after data they hold on my behalf.
How I protect personal data
Your data is of the upmost importance to me and the following measures are in place:
- Physical or Electronic Access is restricted to authorised individuals
- My premises are alarmed
- I only require access to data needed in order to carry out required tasks
- Any computer system storing your data is encrypted
- Any cloud based storage provider will have encryption
- Strong passwords are always used
Sue Penny SuePA