HEATLINK SERVICES LTD
- Processing of Customer Personal Data
1.2 Instructions for Processing Personal Data. Heatlink Services Limited shall Process Personal Data as reasonably necessary and the Heatlink Services Limited may Process Personal Data otherwise than in accordance with Customer’s instructions if required to so by Applicable Law. In such case Heatlink Services Limited shall inform Customer of that legal requirement, unless prohibited from doing so by Applicable Law.
1.3 Compliance with Laws. Heatlink Services Limited in Processing the Customer Personal Data in accordance with Clause 1.2 above, shall comply with all applicable Data Protection Laws.
- Heatlink Services Personnel
2.1 Personnel Reliability. Heatlink Services Limited shall take reasonable steps to require background screening and to ensure the reliability of any personnel who may have access to the Customer Personal Data or the Customer environments in which the Personal Data is processed, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Customer Personal Data. In doing so we will ensure any personnel are informed of the confidential nature of Personal Data, have received training, and are subject to confidentiality obligations or professional or statutory obligations of confidentiality.
2.2 Data Protection Officer. Heatlink Services Limited have appointed a data protection officer. The appointed person may be reached at email@example.com
Laws applicable to the Customer. In such an event, If Customer notifies Heatlink Services Limited in writing of any objections (on reasonable grounds) to a Sub-processor added to the Sub-processor List within fourteen (14) days after the date of the applicable Sub-processor Notice:
- Support in Complying with Data Subject Rights
3.1 Requests from Data Subjects. Customer acknowledges, as part of the Services, it is responsible for responding to any Data Subjects’ request under any Data Protection Law to exercise the Data Subject’s right of access, right of rectification, restriction of Processing, right to be forgotten, data portability, object to processing, or its right not to be subjected to an automated decision-making process (“Data Subject Request”). Heatlink Services Limited shall to the extent permitted by Applicable Law, promptly notify Customer if it receives a Data Subject Request from a Data Subject; and
3.2 Government and Law Enforcement Authority Requests. Unless prohibited by Applicable Law or a legally-binding request of law enforcement, Heatlink Services Limited shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Personal Data.
- Breach Incident Notification.
4.1 Breach notice. Heatlink Services Limited shall notify Customer within 24 hours upon Heatlink Services Limited becoming aware of a confirmed Personal Data Breach affecting Customer Personal Data. To the extent able within the scope of the Services, Heatlink Services Limited will provide Customer with sufficient information to allow it to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
4.2 Investigatory Cooperation. Heatlink Services Limited shall co-operate with Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
5.1 Technical and organisational measures. Heatlink Services Limited shall implement and maintain appropriate technical and organisational measures designed to protect the security, confidentiality and integrity of Customer Personal Data, including to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, such Personal Data as set forth in Schedule A. Heatlink Services Limited regularly monitors compliance with these measures. Heatlink Services Limited reserves the right to update its technical and organisational measures and will not materially decrease the overall security of the Services pursuant to the Principal Agreement.
5.2 Return and Deletion of Personal Data. Upon termination of the Services, Heatlink Services Limited shall at Customer’s option, return and/or delete any Personal Data retained on the Services in accordance with the terms of the Principal Agreement and not retain any copies unless Heatlink Services Limited is required to do so by Applicable Law.
- Location and Storage of Personal Data
Personal Data may be stored at various data centre premises as part of the Services (the “Designated Data Centre Location”).
- General Terms
7.1 Without prejudice to any Mediation and Jurisdiction and Governing Law of any other agreement between the parties, or the applicability of any Data Protection Laws:
7.1.2 the obligations of Heatlink Services Limited and Affiliates arising hereunder are subject to and governed by the laws of the country or territory expressly set forth in the Principal Agreement.
need a free quote?
contact us today
Oil Tanks & Pump-outs
Heatlink Services Ltd
10 Roundtree Close
01603 980950 – Norfolk
01502 442838 – Suffolk
Terms and Conditions
Company Reg No. 10654905
VAT REGISTRATION 263 5536 94