This information page is designed to inform our new and existing customers the approach of Henry Herbert towards the main elements of Europe’s new General Data Protection Regulation (GDPR).
It also tells you how you can find more information about what data we hold.
The GDPR aims primarily to give control to citizens and residents over their personal data. More information about it can be found here. It comes in to force from the 25th May 2018. Henry Herbert is committed to comply with GDPR.
Henry Herbert has attended a Government summit on GDPR to ensure our commitment meets the guidelines.
Elizabeth Denham, UK information commissioner at the Information Commissioner’s Office (ICO) has publicly announced that the ICO are “not looking for prosecutions over mishandling of data, but commitment from firms to handle personal data with care and respect.”
Our data policy
Henry Herbert is committed to handle data with care and respect and to create an atmosphere of minimal and fair use of customer information. However, GDPR is an evolving subject and we are committed to continuous improvement and will always welcome constructive criticism where we may be able to improve in this area. This is very much in harmony with the thoughts of the ICO. If you believe this may be the case, please email firstname.lastname@example.org.
The ICO states we must:
only collect information that we need for a specific purpose;
keep it secure;
ensure it is relevant and up to date;
only hold as much as we need, and only for as long as we need it; and
allow the subject of the information to see it on request.
Overview of data
Henry Herbert is a registered Data Controller with the Information Commissioners Office to lawfully handle and hold data.
It is important to note that Henry Herbert never, ever shares, sells or communicates any customer information with any other organisation, third party or any non-employee of the company.
Henry Herbert only uses data in the following ways:
- To notify a customer that work has been completed
- To send a birthday card
- To send a Christmas card
- To send our electronic newsletter to those customers that have actively opted in to receive it
- To reply to reviews and articles, although never including an address, telephone number or email. Replying to a review does not fall within the remit of the GDPR as the “reviewer has actively and publicly taken the initiative to engage in a public domain and it is therefore reasonable for the subject of the review to continue that engagement.”
Data is not used in any other way and therefore we consider this to be the minimal and fair use of customer information.
From 25th May 2018, all Henry Herbert customers will be offered the opportunity to opt in to communications from Henry Herbert when they wish to make an order.
This will be a clear tick box to opt in to receive communications from Henry Herbert. Opting in will mean the customer agrees to be communicated in the ways illustrated in Points 1, 2 and 3.
Existing customers before 25th May 2018, will receive no communication from Henry Herbert as illustrated in Points 1, 2 and 3. We will wait for each customer prior to 25th May 2018 to contact us and at this opportunity they will be offered the opportunity to opt in to communication.
The new rules clarify that pre-ticked opt-in boxes are not indications of valid consent and so the box will be left blank for the customer to actively complete. The GDPR is also explicit that we’ve got to make it easy for people to exercise their right to withdraw consent.
Withdrawing consent can be done at any time and with immediate effect by emailing email@example.com
How our data is stored?
Henry Herbert stores no electronic information.
Our data is held in files.
Our data is held in secure premises, with insurance industry approved locks, with CCTV (a licence is held with the Information Commissioner’s Office to do this) and within an industry approved safe.
Only employees of Henry Herbert have access to this site.
If you wish to be informed of what information we hold for you, it must be put in writing with the following information:
Proof of Person – such as a utility bill.
This must be sent, with a covering signed and dated letter, to:
Henry Herbert Tailors
8 Lamb’s Conduit Passage
London WC1R 4RG
Please note, for purposes of data safety and verification, no enquiries can be dealt with by telephone or email.