{"id":2471,"date":"2021-08-11T11:12:43","date_gmt":"2021-08-11T10:12:43","guid":{"rendered":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/?page_id=2471"},"modified":"2021-08-11T11:26:04","modified_gmt":"2021-08-11T10:26:04","slug":"coacto-gdpr-policy","status":"publish","type":"page","link":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/","title":{"rendered":"Coacto GDPR Policy"},"content":{"rendered":"\n<h4 class=\"wp-block-heading\"><strong>Introduction<\/strong><\/h4>\n\n\n\n<p>Individuals have the right to request erasure of their personal data in certain circumstances. Our business must comply with the requirements of the UK General Data Protection Regulations (UK GDPR) and we must be able to demonstrate compliance to the Information Commissioner\u2019s Office (ICO).<\/p>\n\n\n\n<p>Upon receipt of a request for erasure our internal policy is as follows:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Responsibility<\/strong><\/h4>\n\n\n\n<p>Paul Harris, Founder and Principal Consultant is responsible for the handling of right of erasure requests in our business.<\/p>\n\n\n\n<p>The duties of the data protection team include but are not limited to:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Log the receipt and fulfilment of all requests received from a data subject\/the person making the request\/requestor.&nbsp;&nbsp;<\/li><li>Acknowledge the request.&nbsp;<\/li><li>Verify the identity of any person making the request.<\/li><li>Maintain a database on the volume of requests and compliance against the statutory timescales.<\/li><li>Verify whether if we are the controller of the data subject\u2019s personal data.&nbsp;<\/li><li>Check if we are not a controller, but rather a processor. If so, inform the data subject and refer them to the actual controller. This needs to be recorded in writing.<\/li><li>Where applicable, decide if a request is excessive, unfounded or repetitive and communicate this to the requestor.<\/li><li>Decide if an exemption applies.<\/li><li>If a request is submitted in electronic form, any information should preferably be provided by electronic means as well.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Oral or written requests&nbsp;<\/strong><\/h4>\n\n\n\n<p>Right of erasure requests can be made in writing, electronically or verbally.&nbsp;<\/p>\n\n\n\n<p>If a member of staff is in any doubt if a certain situation has given rise to a valid right of erasure, contact Paul Harris by email providing full details of the incident. Staff should do this without delay and certainly within two business days.<\/p>\n\n\n\n<p>Where a member of staff receives a right of erasure request, they must email the relevant information to Paul Harris at <a href=\"&#x6d;a&#x69;&#108;&#x74;&#111;:&#x70;a&#x75;&#108;&#x2e;&#104;a&#x72;&#114;&#x69;&#115;&#64;&#x63;o&#x61;&#99;&#x74;&#111;&#46;&#x63;o&#x2e;&#117;&#x6b;\">&#112;r&#x69;v&#x61;c&#x79;&#64;&#x63;o&#x61;c&#x74;&#111;&#x2e;&#99;&#x6f;&#46;&#x75;&#107;<\/a> without delay and certainly within two business days.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>How do we verify the requestor\u2019s identity?<\/strong><\/h4>\n\n\n\n<p>If we are in doubt as to the identity of the requestor, you may ask the individual to supply valid evidence to prove their identity.&nbsp;<\/p>\n\n\n\n<p>We may verify the requestor\u2019s identity either through a phone call where we ask questions that only the requestor will know the answers to or by requesting forms of identification.<\/p>\n\n\n\n<p>We accept the following forms of identification:<\/p>\n\n\n\n<p>\u2022 Current UK\/EEA Passport<\/p>\n\n\n\n<p>\u2022 UK Driving Licence&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>How to process the request<\/strong><\/h4>\n\n\n\n<p>Our aim is to determine the validity of the erasure request. If the request is not clear, or where if we process a large quantity of information about an individual, the UK GDPR permits us to ask the individual to specify the information the request relates to. Where this applies, we will proceed with a request for additional information.&nbsp;<\/p>\n\n\n\n<p>We must respond to the data subject within 30 days of receiving the request as valid. This is a requirement under the UK GDPR.<\/p>\n\n\n\n<p>Any employee, who receives a request from Paul Harris to locate and supply information relating to an erasure request, must make a full exhaustive search of the records which they are responsible for or own. This may include but is not limited to emails (including archived emails and those that have been deleted but are still recoverable), Word documents, spreadsheets, databases, systems, removable media (for example, memory sticks), recordings, paper records in relevant filing systems.<\/p>\n\n\n\n<p>Paul Harris should check whether the erasure request also involves data shared with third parties or online.<\/p>\n\n\n\n<p>If it\u2019s found to be a valid request for erasure we must comply unless an exemption can be applied (see below). Information must be supplied in an intelligible form and we must explain acronyms, codes or complex terms, where relevant.&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>No charge to comply with the request (with exceptions)<\/strong><\/h4>\n\n\n\n<p>We must fulfill valid requests for erasure&nbsp;free of charge, as per the UK GDPR rules. However, we may charge a \u2018reasonable fee\u2019 when a request is manifestly unfounded or excessive, particularly if it is repetitive.<\/p>\n\n\n\n<p>Where applicable, Paul Harris will determine the \u2018reasonable fee\u2019 that must be based on our administrative cost incurred by our business.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Excessive, manifestly unfounded or repetitive requests<\/strong><\/h4>\n\n\n\n<p>Where requests are manifestly unfounded, excessive and repetitive, we may refuse to act on the request or charge a reasonable administration fee. Paul Harris will make a decision on this.<\/p>\n\n\n\n<p>Paul Harris must provide information on our decision to the requestor in writing within 30 days and must state how they reached their decision.&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Complex requests<\/strong><\/h4>\n\n\n\n<p>As stated we have to respond to a request for erasure within 30 days. If more time is needed to respond to complex requests, an extension of another two months is permissible, provided this is communicated to the data subject in a timely manner and within 30 days.<\/p>\n\n\n\n<p>Where we decide not to take action on the request of the data subject, we need to inform the data subject of this decision without delay and at the latest within 30 days of receipt of the request.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>How to handle exemptions?<\/strong><\/h4>\n\n\n\n<p>If a member of staff believes that we have a valid business reason for an exemption, please inform the data protection team without delay by email to &#x70;&#x72;&#x69;&#x76;&#97;&#99;&#121;&#64;c&#x6f;&#x61;&#x63;&#x74;&#x6f;&#46;&#99;&#111;&#46;u&#x6b;.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Complaints<\/strong><\/h4>\n\n\n\n<p>Where a requestor is not satisfied with a response to a request, we must manage this as a complaint. We must advise the requestor that if they remain unhappy with the outcome they may complain to the <a href=\"https:\/\/ico.org.uk\/global\/contact-us\/\">Information Commissioners Office<\/a> or take legal action against us.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Breach statement<\/strong><\/h4>\n\n\n\n<p>Breaches of this policy by members of staff will be investigated and may result in disciplinary action. Serious breaches of policy may be considered gross misconduct and result in dismissal without notice, or legal action being taken against the relevant member of staff.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction Individuals have the right to request erasure of their personal data in certain circumstances. Our business must comply with the requirements of the UK General Data Protection Regulations (UK GDPR) and we must be able to demonstrate compliance to the Information Commissioner\u2019s Office (ICO). Upon receipt of a request for erasure our internal policy is as follows: Responsibility Paul Harris, Founder and Principal Consultant [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1343,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2471","page","type-page","status-publish","has-post-thumbnail","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Coacto GDPR Policy | Coacto Consulting<\/title>\n<meta name=\"description\" content=\"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Coacto GDPR Policy | Coacto Consulting\" \/>\n<meta property=\"og:description\" content=\"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"Coacto Consultants\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-11T10:26:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/02\/potential-web-header-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/\",\"url\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/\",\"name\":\"Coacto GDPR Policy | Coacto Consulting\",\"isPartOf\":{\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#website\"},\"datePublished\":\"2021-08-11T10:12:43+00:00\",\"dateModified\":\"2021-08-11T10:26:04+00:00\",\"description\":\"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Coacto GDPR Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#website\",\"url\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/\",\"name\":\"Coacto Consultants\",\"description\":\"Delivery Salesforce systems that align with your business goals.\",\"publisher\":{\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#organization\",\"name\":\"Coacto Consultants\",\"url\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/11\/Coacto-Animated-Logo-100-x-50-1.gif\",\"contentUrl\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/11\/Coacto-Animated-Logo-100-x-50-1.gif\",\"width\":100,\"height\":50,\"caption\":\"Coacto Consultants\"},\"image\":{\"@id\":\"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Coacto GDPR Policy | Coacto Consulting","description":"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"Coacto GDPR Policy | Coacto Consulting","og_description":"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.","og_url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/","og_site_name":"Coacto Consultants","article_modified_time":"2021-08-11T10:26:04+00:00","og_image":[{"width":1920,"height":300,"url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/02\/potential-web-header-1.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/","url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/","name":"Coacto GDPR Policy | Coacto Consulting","isPartOf":{"@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#website"},"datePublished":"2021-08-11T10:12:43+00:00","dateModified":"2021-08-11T10:26:04+00:00","description":"Coacto are a Salesforce Implementation Partner located in the South West. Please read through our Coacto GDPR Policy.","breadcrumb":{"@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/coacto-gdpr-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/"},{"@type":"ListItem","position":2,"name":"Coacto GDPR Policy"}]},{"@type":"WebSite","@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#website","url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/","name":"Coacto Consultants","description":"Delivery Salesforce systems that align with your business goals.","publisher":{"@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#organization","name":"Coacto Consultants","url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#\/schema\/logo\/image\/","url":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/11\/Coacto-Animated-Logo-100-x-50-1.gif","contentUrl":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-content\/uploads\/2020\/11\/Coacto-Animated-Logo-100-x-50-1.gif","width":100,"height":50,"caption":"Coacto Consultants"},"image":{"@id":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/pages\/2471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/comments?post=2471"}],"version-history":[{"count":1,"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/pages\/2471\/revisions"}],"predecessor-version":[{"id":2472,"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/pages\/2471\/revisions\/2472"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/media\/1343"}],"wp:attachment":[{"href":"https:\/\/www.coacto.co.uk\/pre-prod-sandbox\/wp-json\/wp\/v2\/media?parent=2471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}