privacy policy

Overview

The data protection law has changed from the Data Protection Act (1998), replaced on 25th May 2018 by the EU General Data Protection Regulation (GDPR), and we want to ensure complete transparency on how your personal information is held and processed and what your rights as an individual are under the new GDPR.

This privacy policy sets out how Helmet Integrated Systems Limited, trading as Gentex Europe (“The Company”, “us” or “we”) uses and protects any information that you give the Company when you use this website. The Company is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy policy.

The Company may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May 2018.

We take your privacy very seriously and will only use your personal information for the purposes laid out below.

We routinely collect and use personal data about individuals, including permanent staff, contracted staff, or business partners ("you"). We are aware of our responsibilities to handle your personal data with care, to keep it secure and comply with applicable privacy and data legislation.

How we use your information

This privacy notice tells you what to expect when we collect personal information. It applies to information we collect about:

  1. rights of the individual
  2. what do we collect and why
  3. visitors to our website
  4. people who communicate with us
  5. job applicants and our current and former employees
  6. complaints regarding your personal data
  7. access to personal information
  8. right to be forgotten
  9. people who make a complaint to us
  10. data breaches
  11. changes to this privacy policy
  12. how to contact us

You should be aware that although we will be principally responsible for controlling and looking after your personal data and we may pass your details to other members within the company when required, your data will comply with the standards set out in this policy and when we pass it on to an external third party for processing, we will not do so without your knowledge and consent. We will also stipulate how they must process your data, ensure it is held securely and they are transparent with any data breaches of your data and they do not pass your data on to any other 3rd parties without your consent.

1. Rights of the individual

As the owner of your data, GDPR is the toolset that allows you to ensure your data protection rights as an individual to:

  1. The right to be informed
  2. The right of access
  3. The right of rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. The right to automated decision making and profiling

This policy shows you how we manage your data to ensure these rights.

2. What do we collect and why?

When we collect your personal information, we ensure it is managed properly and securely. If we collect “sensitive information”, which relates to physical or mental health; racial or ethnic origin; political opinions; trade union membership; religious beliefs; sexual life; commission or alleged commission of an offence and the sentence of any court, we will ask specifically to collect it and ensure there is extra security around its management and storage.

Below are where and how we collect personal data:

  • when you have entered your personal information into forms on this website;
  • when you contact us directly by telephone or email, including your unsolicited approaches to us;
  • when you contact us via LiveChat or Instant Messaging services
  • when you contact us via Social Media
  • when you give us your business card(s) or contact details
  • when a third party has arranged your introduction to us, or otherwise facilitated email communication.
  • when you apply for a job with us. Your CV will be collected for any job vacancies and held in line with our retention policies
  • Your employment contract and any personal data we hold on your employment is stated in the internal privacy policy and your contract. We collect your data as per your agreement and under the terms stated in your contract, allowing us to administer your contract, holding only the minimal required data to do so.

We will only keep your data in line with our agreed retention policies, unless we have an exception to this, in which case we will ensure you understand the reasons why we will have to hold your information for longer.

In the course of delivering our products and services and any other relevant activities, we collect some or all of the following personal information:

  • Name(s), Postal Address(es), Telephone Number(s) and Email Address(es)
  • Demographic information such as preferences and interests
  • Other information relevant to customer surveys and/or offers

We will typically collect and use this information for the following purposes:

  • For the performance of an agreement you have with us
  • For the purposes of our legitimate business interests,, but only if these are not overridden by your interests, rights or freedoms.

We seek to ensure that our use of personal information is always proportionate.

The Legal Basis on Which We Collect, Store and Use Your Personal Information - We retain and use your personal information for our legitimate business interests.

3. Visitors to our website

When someone visits this site, the company governs the privacy of users who choose to use the site. It explains how we comply with the GDPR (General Data Protection Regulation) and the PECR (Privacy and Electronic Communications Regulations), which will be superseded by the ePrivacy Regulation later in 2018 and will work alongside the GDPR.

This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under GDPR and PECR are adhered to. Our contact information is provided if you have any questions.

Security and performance

We use a third-party service to help maintain the security and performance of our website. To deliver this service it processes the IP addresses of visitors to the website.

Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

Use of Cookies

This website may use cookies to better the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.

What are cookies?

Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server, to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.

Website Visitor Tracking

This website may choose to use tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

Adverts and Sponsored Links

This website may contain sponsored links and adverts. These will typically be served through our advertising partners, who may have detailed privacy policies relating directly to the adverts they serve.

Clicking on any such adverts will send you to the advertisers website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive. Users should therefore note they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Downloads & Media Files

Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications.

We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications.

4. People who communicate with us

Users contacting us through this website or via email do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.

People who contact us via social media

We use social media, such as Facebook, Twitter and Instagram, to communicate with our industry peers. If you send us a private or direct message via social media, such as your CV, we may keep it for up to 3 years. We do not pass on to external processors without your consent.

People who email us

Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

5. Job Applicants, current and former employees

When individuals apply to work with us, we will only use the information they supply to us, within the company, and to process their application. Where we want to disclose information to a third party, for example where we want to obtain a ‘disclosure’ from the Disclosure and Barring Service we will not do so without informing them beforehand unless the disclosure is required by law.

Personal information about unsuccessful candidates will be held for up to 3 years after the recruitment exercise has been completed, it will then be destroyed or deleted.

Once a person has been hired by us, we will compile a file relating to their service / employment with us. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with us has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it.

6. Complaints regarding your personal data

We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate or data has been unfairly shared, lost or held inappropriately. We would also welcome any suggestions for improving our procedures.

How to voice your concerns to us

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to our DPO contact, Sarah Harrington, at the email address: sharrington@gentexcorp.eu.com

If you are unhappy with our response you have the right to escalate this to the Information Commissioner’s Office (ICO) @ https://ico.org.uk/concerns/

7. Access to personal information

We try to be as open as we can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’, without any cost to the individual and in a machine readable format. If we do hold information about you we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information in an intelligible form within one calendar month

To make a request to the company for any personal information we may hold you need to put the request in writing, addressing it to our Data Protection Team via Sarah Harrington at sharrington@gentexcorp.eu.com

We will ensure a response to you in a machine readable format is provided within one calendar month.

If we do not hold information about you due to it being erased due to the retention dates being expired or through a previous request for erasure, we will inform you. Any further questions can be submitted to our Data Protection Team and should you feel the response not to be adequate you have the opportunity to escalate to the ICO.

8. Right to be forgotten

Within GDPR every individual has the right for their data to be forgotten or erased, unless there are legal grounds which do not allow the erasure, such as:

  • legal obligations, such as HMRC or a legal investigation
  • contractual obligations which must be fulfilled by the company
  • public task or interest where it is helping with the detection or prevention of a criminal act

Should you request to be forgotten, or give authority to a 3rd party, such as your solicitor, we will confirm the identity and then proceed to remove your personally identifiable data from our records and send you an audit. We will keep the minimum data to identify you as a living person, in case of an audit by the ICO or a second request should come in, so as to prove we have acted in accordance with the GDPR.

Again, should you not be happy with the process we have gone through you have the right to complain to our Data Protection Team, and in turn if the response is not adequate you retain the right to escalate this to the ICO.

9. People who make a complaint to us

When we receive a complaint from a person, we log the details of the complaint and validate them against our records. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint.

We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for 3 years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues.

Retention and deletion of data records

We will ensure your data is retained for the agreed retention period and deleted at that point. We will also ensure your data is properly deleted. This also includes any data transmissions that hold data temporarily, as we will ensure they are deleted after the event.

10. Data Breaches

We ensure all your data is held securely and our staff are being trained to understand the many different types of breaches, such as:

  • Hacking by external parties - We ensure we have the correct security in place to secure our premises and the correct access internally should an internal party look to hack into secure areas.
  • Break-ins to our premises and stealing of data or computer equipment - We abide by a clear desk policy to ensure personal data is secured every evening and security on our premises is checked regularly.
  • Virus affecting our IT infrastructure - We have state of the art anti-virus software with backups and disaster recovery in place should we have issues.
  • Couriers, cleaners or third parties having access to our premises - Our clear desk policy, physical security checks and staff awareness ensure we have a safe and secure environment.

11. Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 24th May 2018.

12. How to contact us

If you would like to request information about our privacy policy, you can email our Data Protection Team via Sarah Harrington at sharrington@gentexcorp.eu.com or write to:

Sarah Harrington
Executive Assistant
Gentex Europe
Unit 3, Focus Four
Fourth Avenue
Letchworth Garden City
Hertfordshire SG6 2TU

Website Design by E Marketing Support Ltd