IoT and Approval Solutions Limited (IoTAS) is a wireless technologies testing company. Under GDPR we are a Data Controller. This means we decide how your personal data is processed and for what purposes. At IoTAS we know that information relating to employment can at times be highly sensitive. We don’t sell personal data or make it available to any other organisation. Our Privacy Policy sets out the way in which we protect and manage your data.
We know that the data is not ours – we are merely custodians of your valuable information.
As a Data Controller
We comply with our obligations under the GDPR by:
Marketing and information promulgation is to business customers only. We send information by email on the basis of Legitimate Interest. We do not need consent for this, but we ensure people have an easy way to opt out of any communications.
Our employee data is managed on the basis of Legitimate Interest and Contract of Employment. Processing data is required for carrying out responsibilities under Employment Law. We process data on behalf of our customers under that same basis.
We do not knowingly transfer personal data overseas. Our major IT providers all have operations within the European Union and are legally required to be fully GDPR compliant.
We have a Data Retention Policy which can be found within our Company Handbook. Retention periods are typically based around statutory and legal requirements. A small number are based on industry best practice, such as the retention of financial information for 6 years as required by HMRC.
Your personal data is treated confidentially and is not sold. We do not share marketing data.
It may occasionally be necessary for us to share certain information with other providers, to ensure we fulfil our duty of care to staff. This could include, for example, occupational health. In this case, the staff member will be asked for permission to do this and the data shared will be the minimum necessary. We will seek assurance that the third-party provider is GDPR compliant.
Our website has a newsletter sign up option available to those individuals who wish to receive information on an occasional basis about our developments, services and business offerings. It is inherent that those individuals signing up shall have their contact details held by us and are therefore approving this data retention.
Cookies are used for the following purposes and are categorised according to the International Chamber of Commerce. More information can be found on our website.