Reviewed February 2024
The General Data Protection Regulation (GDPR) is a comprehensive update to European Law that came into effect in 2018. The GDPR is designed to empower all EU residents' privacy and change the way organisations approach data privacy. The GDPR applies to all organisations that hold data for EU citizens, regardless of size.
GDPR ensures that personal data is secure and properly managed, which is of paramount importance to DSF Refractories & Minerals Ltd. We have made enhancements to processes, products, contracts, and documentation to ensure we fully conform to GDPR.
Personal data is information relating to an identified or identifiable natural person. An identifiable natural person is someone who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, an online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.
DSF collects and stores data from suppliers, contractors, customers, employees, and prospective employees.
DSF collects personal data from multiple sources, including HR documents, email correspondence, and other information necessary to conclude transactions and fulfil contractual obligations. While the provision of personal data is voluntary, it may be required to fulfil a contractual or legal requirement. We only hold and process data necessary for completing our operations.
Data processing refers to the actions taken to fulfil a contract to which the data subject is a party or to carry out their instructions before entering a contract. We maintain records of all processing activities, as required by Article 30 of the GDPR, including the purpose for processing, categories of data subjects, recipients, and retention periods.
DSF uses your personal data for activities such as fulfilling contracts, responding to information requests, providing information about products and services, and monitoring customer satisfaction. Full details of how we use your personal data are provided in a separate document.
We protect your personal information using technical and administrative security measures, such as firewalls, data encryption, and access authorisation controls. We also ensure that privacy settings are set to high levels by default and that data protection is incorporated into business processes by design.
A data breach refers to any security incident resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access to personal data. If such a breach poses a risk to individuals' rights and freedoms, DSF will notify the data subjects within 72 hours of becoming aware of the breach.
Under GDPR, individuals are entitled to request information about whether their personal data is being processed, where it is processed, and for what purpose. DSF will respond to any Subject Access Request within the mandatory one-month period.
DSF does not sell, rent, or disclose personal information to third parties without consent unless compelled by law. For any questions or complaints regarding this policy, or to request information, please contact the Financial Director or the HR Office.
If you have any further questions regarding our GDPR compliance, please contact:
Paul Hutchinson
Managing Director
DSF Refractories & Minerals Ltd.
Email: info@dsf.com