Neva Consultants GDPR Statement

 

What is GDPR?

The General Data Protection Regulation (GDPR) will become law on 25th May 2018 and
will impact how personal data is collected and processed by companies.
At Neva Consultants, we are currently in the process of enhancing our existing data protection systems and processes in order to meet the new GDPR standards.

What is Personal Data?

Personal data refers to any information or expression of opinion that may allow an individual to be identified, for example, their name, address, gender etc. The term data refers to any digital, automated data or manual information gathered by a company.

What Personal Data does Neva Consultants gather?

Neva Consultants will only gather personal data that is necessary for the purposes of processing new orders. Personal data will generally only be collected directly from you. However, sometimes we may collect your personal data from another person, for
instance a fleet manager, where the nature of your business with us necessitates this
or if you are using our fleet management software.

We do not collect any sensitive data, except where a physical or mental health vulnerability is disclosed directly to us during the process of an order.

How will Neva Consultants use my Personal Data?

Your data will be used for processing orders, ongoing contract communications, critical in-life contract services and notifications, fleet management services and for optional marketing communications.

Your data may be communicated to selected third parties in order to progress your order, for example, to our select panel of finance providers or approved dealerships. Neva Consultants aim to ensure that these third parties have sufficient data security measures in place when handling your data, and our monitoring of these measures will be enhanced according to our GDPR plan.


How is Personal Data stored at Neva Consultants?

Neva Consultants have existing physical, technical and organisational systems in place to ensure the safeguarding of personal client data which are being enhanced in line with GDPR recommendations. Personal data in physical and digital formats is stored in data centre locations within the UK and Ireland. Personal data stored in marketing software platforms or email archives may be stored in EU or US locations, however these are compliant with GDPR and privacy shield frameworks Neva Consultants have adopted strict confidentiality and data protection policies in relation to your data which all staff must adhere to and acknowledge annually.

How are Neva Consultants preparing for GDPR?

Like many other businesses, we are still taking steps towards being fully compliant with GDPR. An updated statement will be made available prior to the GDPR deadline. 
Should you require any further information in relation to our GDPR efforts, please contact our Compliance Department: compliance@neva-consultants.com