LEYBURN LIVESTOCK AUCTION MART COMPANY LIMITED
THE GENERAL DATA PROTECTION REGULATION (GDPR)
GDPR (General Data Protection Regulation)
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). GDPR will come into effect across the EU on 25th May 2018.
WHO ARE WE?
Leyburn Livestock Auction Mart Company Limited has been established since 1918. It has 2400 shares which are owned by over 550 shareholders. Leyburn Auction Mart deals mainly with the sale of livestock and also holds sales throughout the year of machinery, implements and land.
Leyburn Auction Mart deals with sellers and buyers (‘customers’), shareholders, directors, employees (past & present) and suppliers. Data held on these people consists of names, addresses, telephone numbers, email addresses, bank details, holding numbers, flock numbers, Farm Assurance numbers and any other necessary information.
Similar data is also held on Limited Companies, PLC’s and Public Bodies (e.g. Councils)
This data is held on the Auction Mart’s computers. The system used in-house is Newline ASP which is a software and IT support business. The data is backed up onto a hard drive on a daily basis which is kept in a locked underground safe on the premises.
Newline ASP encrypts all information.
Leyburn Auction Mart only holds data given to it by its customers, shareholders, directors, employees and suppliers for the purpose of opening active accounts, by consent, enabling those persons to trade contractually with it, according to the Auction Mart’s terms and conditions of business. Such data is held only by Leyburn Auction Mart which does not share it with any other person, company or entity.
A policy is in place where such data is held for 7 years; if after this time the person, company, or other business entity has not traded or corresponded with Leyburn Auction Mart during such period, all data (including financial accounts) is confidentially deleted from the computer systems and all paper records are confidentially destroyed.
If at anytime any person or company requests that their data be deleted from the computer systems or that their paper records be destroyed then such requests are carried out immediately.
All customers can request copies of previous sale day’s invoices or copy cheques by email or post.
At customers’ request catalogues for forthcoming events/sales are sent by email, post or text. Leyburn Auction Mart can only do this where the customers requesting them, have first provided information as to where, how, and to whom they would like them sending.
Mailing lists are only sent out to customers who have requested this service. An option to include customers in any mailing list is available on their customer page through the Newline ASP system.
All customers, shareholders, directors, employees, suppliers, companies and other entities have the right to view data which is held about them. The data can be viewed by prior request of either the Manager or Company Secretary who have full access to it.
If customers request the opening of an account with Leyburn Auction Mart it is at the discretion of the Manager and Directors. Any new customers entering the Newline ASP system from [Monday 14th May] will be asked to sign a declaration form allowing Leyburn Auction Mart to use such information for contractual purposes.
THIRD PARTY DATA PROCESSING
Where there is a legal obligation to share personal information with others, for example with HMR&C, or in order to keep customer details required for accounting and VAT records, or under an Order of Court, then such information will be shared, as required.
In the case of emergency or accident on the premises, any information necessary for the saving of life or provision of necessary medical care will be passed on to emergency services.
STAFF – ACCESS TO DATA
Office staff have their own passwords and log-in details. These details allow them to access information that is only relevant for them to use. Only the Manager and Company Secretary have access to the accounts system which runs through Newline ASP. They log on with their own passwords. Sale day staff that work outside in the sale rings only need minimal access to customers’ accounts to enable them to pre-enter in order to sell items belonging to sellers to relevant buyers.
Staff working in the office have greater access to customers’ and other data. These staff are fully aware of the need for customer confidentiality and are fully instructed on the need for such.
Several members of the Company have a mobile version of Newline ASP. This is accessible via their mobile telephones. This app stores the customer name, address and phone number data on it. There is a kill command available to delete the data if the phone is lost or stolen.
If anyone finds that any personal data has been used without authority or has been obtained in an unlawful manner it is required that such breaches be reported to the Manager or Company Secretary of Leyburn Auction Mart and the ICO.
If any breach of Personal Data is found the ICO (Information Commissioner’s Office) is to be notified within 24 hours. 72 hours is the absolute maximum time allowed for reporting such breaches.
Last updated 25/05/2018
Leyburn Auction Mart
Richmond Road, Leyburn, North Yorkshire, DL8 5DP
Tel: (01969) 623 167
Stephen Mobile: (07866) 358 130
Please notify the mart office if your Farm Assurance number changes, you discontinue or become Farm Assured.