1.1 In this policy, “we”, “us”, “our” and A.W.Keil” refer to 1 st A.W.Keil Locksmiths Ltd, and “you”
and “your” refer to our customers.
1.2 We are committed to protect the private data we receive and store from you and respect
your rights under the General Data Protection Regulation.
1.3 This Policy applies when we received your data and we are acting as “data controller” and
when we process it and we are acting as “data processor”.
1.4 For more information – please call us on 0208 303 3862, email [email protected] or write
to A.W.Keil Ltd, 110 Bellegrove Road, Welling, Kent DA16 3QD
- Origin of our data
2.1 We collect data through various channels, though not all of it is personal data:
Names, telephone numbers, email addresses, as well as other pieces of information, are
collected through our website or during telephone conversations or email exchanges.
2.2 Some personal data, such as personal telephone numbers, are given to us by our clients, so
that we can get in touch with a site contact, a landlord or other parties who are relevant to
our business transaction.
2.3 We do not purchase personal information from any third parties.
- Processing your data
3.1 Your data will be used as “correspondence data” (A.W. Keil may contact you by emailing or
calling to give you updates on the service required or to send you a written quote). The lawful
basis of processing the correspondence data is the legitimate interest to perform a service,
requested by you from us.
- Sharing your details
4.1 A.W.Keil does not share your private data with any third party, notwithstanding the following
We sometimes have to pass names and other details onto suppliers of security keys and
other products to verify that a customer is authorised to obtain the items they have requested.
If you are a registered signatory for a A.W.Keil security key or master suite, and somebody
expresses interest in purchasing one of these keys, we will share your name and/or the
name of any other registered persons. If the interested party is aware of who you are, then
they will be able to get in touch. We do not divulge contact details of signatories.
On occasion we subcontract work, and may, for the purposes of such work, share your
private data with those involved in the work.
- Storing your data
5.1 Your private data may be printed out and secured in our office. The office is secured by high-
security locks, grilles and shutters, physical access to the private data is granted only to A.W Keil
5.2 Data is also stored on our accounts software and computers all secured by a strong
password, and only accessed by A.W.Keil employees.
- Deleting your data
6.1 Once your private data is no longer relevant/needed for the conduct of business at A.W.Keil,
we will delete the electronic files.
6.2 Physical files are shredded in-house approximately six years after a transaction has taken
place, unless the records must be kept until further notice (we keep key registration documents
indefinitely, for example, until they are superseded or until the registered person or persons
have requested for the file to be removed).
- Data breaches
7.1 A.W. Keil have standard procedures to protect your details against data breaches such as
passwords that re periodically changed for electronic files, and a secure office with limited
access for physical files. For more details on how we securely store your documents please see
7.2 A.W. Keil understands the legal requirement to report a data breach to ICO (Information
Commissioner’s Office) within 72 hours from the event. We also commit to inform every person
that has been affected by the data breach.
8.1 We may update this policy in order to improve our data management.
- Your rights (GDPR rights of the natural person)
9.1 Here are the rights you have, as a data subject, in relation to your personal information:
To be informed about how, why and on what basis that information is processed.
To obtain confirmation that your information is being processed and to obtain access to it
and certain other information, by making a subject access request – your request will be
answered in a maximum period of 7 days.
To have data corrected if it is inaccurate or incomplete.
To have data erased if it is no longer necessary for the purpose for which it was originally
collected/processed, or if there are no overriding legitimate grounds for the processing (i.e.
the right to be forgotten).
To restrict the processing of personal information where the accuracy of the information is
contested, or the processing is unlawful (buy you do not want the data to be erased), or
where the employer no longer needs the personal information, but you require the data to
establish, exercise or defend a legal claim.
To restrict the processing of personal information temporarily where you do not think it is
accurate (and the employer is verifying whether it is accurate), or where you have objected
to the processing (and the employer is considering whether the organisation’s legitimate
grounds override your interests).
9.2 If you wish to exercise any of the rights in paragraphs, please contact the date protection
officer on [email protected]