The General Data Protection Regulation (GDPR) comes into effect the 25th May 2018, replacing the Data Protection Act 1998 (UK).
jigsaw kloud, as a Data Protection Officer and Data Controller, is responsible for collecting and protecting sensitive client data.
Information is only ever stored electronically and is protected by passwords, encryption and 2FA. No paper records are kept.
Suppliers acting as Data Processors:
#1 Microsoft
#2 Google
#3 Zoho
#4 Filen
#5 Authy
#6 WordPress and erjjio Studios
#1 Microsoft
Windows 11 and Office documents containing sensitive data are password protected and backed-up to an encrypted cloud storage provider.
Microsoft’s GDPR statement
#2 Google
Contact information is saved in Google Contacts.
Google’s GDPR statement
#3 Zoho
Business data is saved in various Zoho applications.
Zoho’s GDPR statement
#4 Filen
All files are encrypted and backed-up using Filen.
Filen GDPR Statement
#5 Authy
Additional security is provided using Two-factor Authorisation (2FA).
Twilio’s GDPR statement
#6 WordPress and erjjio Studios
jigsaw kloud and all client websites are managed through WordPress and hosted by erjjio.
WordPress’ GDPR statement
erjjio’s GDPR statement
What personal data we collect
jigsaw kloud considers there to be either a contractual or legitimate business interest to maintain contact with current clients, partners and suppliers. We only collect and process personal data we require to provide a specific service, which may include the following personally identifiable information: name, company name, e-mail address, telephone number and address (collectively called Contact Information). In addition, if you contact us directly, we may receive additional information, the contents of any message and/or attachments you send us, and any other information you choose to provide. The personal information you are asked to provide, and the reasons you are asked to provide it, will be made clear to you when we request your personal information.
How we handle your personal data
jigsaw kloud uses your data to provide a specific service and makes this data available only to trusted third parties relating to a specific service i.e. a hosting company for websites.
How we protect your personal data
jigsaw kloud takes reasonable precautions, utilising encryption (#4) and two-factor authentication (#5) to protect data in our possession from loss, misuse, and unauthorised access.
How long we process your personal data
The personal data we process for any purposes will not be held for a longer period than we have an ongoing legitimate business need to do so. When we have no ongoing legitimate business need to process your personal information, we will either delete or, if not possible, continue to securely store your information and isolate it from any further processing until deletion is possible.
How we process requests for data
Any clients, suppliers or partners who wish to receive copies of the data jigsaw kloud holds about them are welcome to request copies, free of charge within 30 days (unless the request is complicated; in which case a charge of £25 will be applied and a time period of 2 months shall be allowed).
YOUR RIGHTS
Right of access: You have the right to obtain from us information concerning you and to request copies of your personal data.
Right to rectification: You have the right to request rectification of inaccurate personal data and provide information to correct any mistakes.
Right to be forgotten: You have the right to request the erasure of your personal data, and we have an obligation to delete it without delay.
Right to restriction of processing: In certain situations, you have the right to obtain from us the restriction of processing.
Right to data portability: You have the right to receive from us in a structured, commonly used and machine-readable format your personal data and to transmit your personal data to another controller.
Right to object: In certain situations, you have the right to object to the processing of your personal data e.g. for marketing purposes.
Right to file complaints: You have the right to file complaints with the ICO regarding our processing of your personal data.
Right to compensation of damages: In case we breach applicable legislation on processing your personal data, you have the right to claim damages from us for any damages such a breach may cause you.
If you wish to make a request regarding your personal data, related to any of the rights mentioned above, please contact us.
jigsaw kloud
19th May 2018