GDPR

We want to be able to keep in touch with you and in accordance with the new Data Protection Guidelines (GDPR) you are required to ‘opt in’ and give us your consent.

By completing this form you can opt in to give consent for CASL to stay in touch with you.

CASL GDPR Policy

The General Data Protection Regulation (GDPR) requires us (CASL) to inform our clients of the relevant data that we need to collect as part of our day to day business to satisfy the requirements of applicable standards and accreditations that we comply with. The applicable standards we use for inspection and certification purposes require us to record individual’s details that will appear on the final certification to be issued.

The data we collect / have collected will only be used in relation to the agreed contractual obligations you have requested us to comply with. This data will not be shared with any other party unless it is a legitimate need in the inspection / certification process. This is covered in our contract review process as we may subcontract some activities. Under the requirements of the accreditations, we hold we will have to give specific information to any legal party who may need access to such data, this is outside of our control and is addressed in our updated contract review process with you our clients.

The data we collect is recorded and held in hard copy format and is kept under secure conditions. Data for certification activities are held in electronic format. This data is secure and held on an encrypted server. No one other than nominated employees of CASL with access rights to said data will be able to access the information. CASL staff / interested parties are also bound by a confidentiality / non-disclosure agreement respectively.

In line with our QMS and accreditation requirements any data will be held on record for a minimum period of ten years. Hard copy data will be shredded after the required retention period has passed. Electronic data will be held indefinitely.

In agreement with industry practice, the certification will be distributed to you our client in electronic format when requested and all final certification will be issued in a hard copy format and sent to you our clients by normal mailing systems, this will be marked private and confidential. On receipt of final certification, the data then becomes the responsibility of the recipient. CASL have contacted all our clients / suppliers and have given them a chance to “opt in” to accept our GDPR policy, by accepting the opt in it confirms that you accept that we may send you other information in relation to our services and any associated information that we think you may be interested in receiving. To opt in complete the form on the CASL website (above).

Organisations supplying services and products to CASL are also bound to comply with GDPR, and as receivers and holders of supplier’s information, CASL will treat your contact details as confidential and will not share them with any other organisation unless you give us your consent to do so or we are required to do so by a legal party.

CASL will continue to contact clients where there is a legitimate business need in relation to services that we have previously delivered and may affect the ongoing validity of inspections / certification offered.

CASL GDPR policy May V2 2018