General Data Protection Regulations (GDPR)

indigo Uncategorized Leave a comment  

GDPR – Our Privacy statement for Customers

Indigo Access Ltd collects your personal data.
  • What data?

This includes information such as your name, address, date of birth, ethnicity, religion, disability, health conditions.

  • Why do we use it?

We use this information so we can provide you with a service. This might be an assessment of your needs, or it might be a specialist support worker or training event.

  • Our legal basis for processing this information is

“Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”

  • Sharing data

Information will be shared with third parties for the purposes of our companies accounting needs, with purchasing councils or with the purpose of arranging equipment following an assessment. Indigo Access Ltd have a separate Consent to Share information form.

  • Storing data

Data is stored on cloud based systems, which is only accessible to our workforce through a password protected and invitation only basis.

Your telephone number might be stored on your worker’s mobile phone. This is pin protected and your identification is anonymised by the use of initials only.

  • Keeping your data

Indigo Access Ltd will only retain data about you whilst you are a customer of ours. We will delete all information once our contract has ceased, either with yourself directly or with a purchasing council.

Indigo Access Ltd will keep financial records such as Request for Service Forms, Purchase Orders, Invoices and Remittances for up to 7 years. Financial records will be shared with our Accountant for accounting purposes.

  • Under the GDPR you have a number of rights:
  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. The right not to be subject to automated decision making including profiling
  • Subject access request

If you require a subject access request please contact or write to us. Josie Fray will handle this request within a working month. We will put right any data that is incorrect.

  • If mistakes happen

If your personal data is breached, Indigo Access will undertake an investigation.

We will report breaches as required to the ICO, the individual and the purchasing local authority.

We will maintain a spreadsheet to record what went wrong and how we put it right.

Add a Comment