The Data Protection Act 2018 (“DPA 2018”) and the General Data Protection Regulation (“GDPR”) effective from 25 May 2018, impose certain legal obligations in connection with the processing of personal data (see definition below).
Halal Certification Europe is a data controller (see definition below) within the meaning of the GDPR and we process personal data.
We may amend this privacy notice from time to time. If we do so, we will supply you with and/or otherwise make available to you a copy of the amended privacy notice.
Information about your Business
We hold your following business information:
- Business Name
- Business address (including all site locations)
- Business contacts (Buyers/Sales/Accounts/Management/Directors)
- Various telephone and fax numbers supplied by you
- Various email addresses supplied by you
- VAT number
- Bank account details
- Supplier name and contact details
- Manufacturer name and contact details
- Product and raw material details
Information about your business is backed up and stored off site for security and loss prevention purposes.
The purposes for which we intend to process personal data
We intend to process your data for the following purposes:
- Processing as part of Halal Certifications applications
- Invoice for the services we provide
The legal bases for our intended processing of data
Our intended processing of personal data has the following bases:
Halal Certifications processing
It is a requirement of our contract with you that you provide us with required data to allow us to process your Halal certification applications.
If you do not provide the information that we request, we may not be able to process your Halal certification applications.
Persons/Organisations to whom we may give personal data
- We will not share any confidential information with any organization.
- We will use supplier and manufacturer contact details to obtain required information from the respective supplier and manufacturer as part of Halal certification process.
- Organizations that have approved us may access data as part of their approval process.
Retention of data
Information on Halal certification will be kept at least 6 years after you cease to use us for Halal certification.
Requesting personal data we hold about you (subject access requests)
You have a right to request access to your data that we hold. Such requests are known as ‘subject access requests’ (“SARs”).
Please provide all SARs in writing marked for the attention of Yusuf Aboobakar.
We will not charge you for dealing with a SAR.
Putting things right (the right to rectification)
You have a right to obtain the rectification of any inaccurate data concerning you that we hold. You also have a right to have any incomplete data that we hold about you completed. Should you become aware that any personal data that we hold about you is inaccurate and/or incomplete, please inform us immediately so we can correct and/or complete it.
Deleting your records (the right to erasure)
In certain circumstances you have a right to have the personal data that we hold about you erased. Further information is available on the ICO website (www.ico.org.uk). If you would like your personal to be erased, please inform us immediately and we will consider your request.
We will respond to any data portability requests made to us without undue delay and within one month. We may extend the period by a further two months where the request is complex or a number of requests are received but we will inform you within one month of the receipt of the request and explain why the extension is necessary.
Withdrawal of consent
Where you have consented to our processing of your data, you have the right to withdraw that consent at any time. Please inform us immediately if you wish to withdraw your consent.
- the withdrawal of consent does not affect the lawfulness of earlier processing
- if you withdraw your consent, we may not be able to continue to processing of your Halal certification.
We do not intend to use automated decision-making in relation to your data.
If you have requested details of the information we hold about you and you are not happy with our response, or you think we have not complied with the GDPR or DPA
2018 in some other way, you can complain to us. Please send any complaints by via our contact form
If you are not happy with our response, you have a right to lodge a complaint with the ICO (www.ico.org.uk).
Data controller - A controller determines the purposes and means of processing personal data.
Data processor - A processor is responsible for processing personal data on behalf of a controller.
Personal data - The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example name, passport number, home address or private email address. Online identifiers include IP addresses and cookies.