IASF GDPR Policy
(IASF) Irish Association Of Steel Fabricators
The General Data Protection Regulation (GDPR) requires us (IASF) to inform our clients of the relevant data that we need to collect as part of our day to day business to satisfy the requirements of applicable standards and accreditations that we comply with. The applicable standards we use for inspection and certification purposes require us to record individual’s details that will appear on the final certification to be issued.
The data we collect / have collected will only be used in relation to the agreed contractual obligations you have requested us to comply with. This data will not be shared with any other party, unless it is a legitimate need in the inspection / certification process. This is covered in our contract review process as we may sub contract some activities. Under the requirements of the accreditations we hold we will have to give specific information to any legal party who may need access to such data, this is outside of our control and is addressed in our updated contract review process with you our clients.
The data we collect is recorded and held in electronic copy format and is kept under secure conditions.
No one other than nominated employees of IASF with access rights to said data will be able to access the information. IASF staff / interested parties are also bound by a confidentiality / Non-disclosure agreement respectively.
In line with our QMS requirements any data will be held on record for a minimum period of ten years. Hard copy data will be shredded after the required retention period has passed. Electronic data will be held indefinitely.
In agreement with industry practice, information will be distributed to you our client in electronic format when requested. IASF have contacted all our clients / suppliers and have given them a chance to “opt in” to accept our GDPR policy, by accepting the opt in it confirms that you accept that we may send you other information in relation to our services and any associated information that we think you may be interested in receiving. To opt in complete the form on the IASF website (above).
Organisations supplying services and products to IASF are also bound to comply with GDPR, and as receivers and holders of supplier’s information, IASF will treat your contact details as confidential and will not share them with any other organisation unless you give us your consent to do so or we are required to do so by a legal party.
IASF will continue to contact clients where there is a legitimate business need in relation to services that we have previously delivered and may affect ongoing validity of inspections / certification offered.
IASF GDPR policy January V4 2020