WHAT ARE THE ASSURED GROUP OF COMPANIES DOING TO BE GDPR COMPLIANT ?



The guidance and policies you will find on this site apply to data protection activities across all companies, divisions and brands which trade as part of the Assured Group of Companies. These include, but are not limited to:

  • Assured Group Limited
  • Airport Valet Company Limited
  • Assured Valeting Ireland Ltd
  • Acerta Limited
  • Assured Fleet Solutions Limited
  • Logic 360 Limited
  • Spotless Limited

As part of our continuous focus on information security and data privacy our GDPR compliance is being a managed through programme of activities in the following areas:

Privacy by Design

Integrating data protection, privacy, and security requirements into our products and services as required, in all our business activities. We continually strive to improve what we do and so will evaluate and build better offerings to translate data protection compliance into actions and tangible improvements.

Third Party Management

Ensuring that Assured Group Of Companies’ valued customers and suppliers are best able to meet their obligations with respect to data privacy and establishing transparent arrangements through appropriate information sharing agreements. When we work with new suppliers or with long established strategic partners we look to apply standards that safeguard personal information.

Policies and Procedures

Reviewing standards and processes to define the personal information lifecycle and help ensure data transparency, accuracy, accessibility, completeness, security and consistency. Our Privacy Policy reflecting GDPR requirements sets the context for how we obtain, store and use information relating to our customers and our own people.

Information Security

Reviewing and improving our company wide information security framework, ensuring that incident response process remains effective and that confidentiality, integrity and availability of personal information is assured through appropriate technical and organisational measures

Information Governance

This is about mapping our data and identifying what we have, what we are doing with it, where it is, where it flows, and who has access to it. We classify data based on risk and sensitivity in context. That risk is data-led / person-led allowing us to focus on the outcome and purpose of processing leads to a better and more holistic risk profile and informs the commitment of data privacy that we make to our customers and suppliers.

This is how we protect your data:


The Data Lifecycle

1. Obtain

2. Hold

3. Use

4. Delete


Person Information

 

·         We only use personal data when necessary and lawful

·         We notify the person when collecting their data in person or via a 3rd Party

·         We request consent if required

 


Person Information

 

·         We only store personal data that must be used ongoing throughout the process

·         We secure the Data with encryption & access control, anonymisation or obfuscation

·         We keep information up to date

 


Person Information

 

·         We check there is a lawful purpose

·         We use in line with consent provided

·         We suspend processing for individuals data

·         We track which data is shared with others

 


Person Information

 

·         We identify data for retention

·         We know when retention periods end

·         We securely delete data that is no longer needed

 


Further information

As data controllers we are responsible for complying with the relevant requirements under the General Data Protection Regulation (“GDPR”) in respect of the personal data that we hold for legitimate business purposes.

As part of our GDPR company compliance and as required by the regulations, we are updating our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services. As work progresses all relevant parties will be updated with key information including:

· Privacy Policy for our products and services.

· Refinements to our Supplier Agreements and consent mechanisms.

· Mechanisms by which subject access requests can be made in a secure manner.

· Details of Assured Group Of Companies products and processes explaining how we meet our obligations with respect to GDPR and also wider information security requirements.

· A set of FAQs to answer the most common questions about Assured Group Of Companies and GDPR which will also include questions about where we store relevant data.

· Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR. As we complete our preparations and as we introduce new products and services, the information provided here will therefore be updated periodically.

If you require further information relating to Assured Group Of Companies and GDPR, please contact us at this email address: info@assuredgroup.org



FAQs

Need a quick answer to one of your Assured Group of Companies questions? Here you go:


Is Assured Group Of Companies GDPR Compliant?

We have a GDPR Champions Project Team working to ensure that we meet our obligations relating to data protection compliance


Assured Group Of Companies GDPR activities are being led by the Project Team together with external subject experts, technical and legal advisors with practical experience in data protection and wider security aspects

From the viewpoint of our customers, we are confident that the security measures that we already have in place are fit for purpose and we do not expect any significant changes as a result of our GDPR compliance

Assured Group of Companies products and services will operate as usual and we will ensure that our customers benefit from our attention to security and data protection

Assured Group of Companies will keep Customers informed of updates to aspects such as privacy notices that refer to the new regulations, as these become available

There is no accredited third-party certification for GDPR at present. This may change in the future - for example, the European Commission may create a “Data Protection Seal”. Assured Group of Companies will keep watch on developments in this area


Where Does Assured Group Of Companies Store Personal Information?

Assured Group Of Companies is based in the EU and our products make use of hosting providers operating in Western Europe


As part of our GDPR compliance activities and as required by the regulations we are updating our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services

Assured Group Of Companies is a European organisation and it is important that the personal information of our customers and our own people is handled in accordance with GDPR

Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR as we introduce new products and services

Our Third-party service providers operate under the same regulatory regimes and we select industry standard suppliers to ensure that we can deliver the best products and services


How Can I Request Access To My Personal Information?

We have online information for product users or get in touch with our Customer Satisfaction Team


We provide secure online self-service access to account information for our customers via the Assured Management System (AMS)

If you need further information additional to that available through our online channels, customers can contact Assured Group of Companies Customer Care who will be pleased to assist with general enquiries

If you have a specific request for personal information from the Assured Group of Companies please contact our Data Protection team on info@assuredgroup.org

Existing legislation and GDPR require organisations to respond to data subject access requests. Assured Group of Companies is already able to do so and has refined their current processes in respect of GDPR. Accordingly, as a matter of compliance we will need to authenticate your identity to ensure that we handle any request securely.


As an Assured Group Of Companies Customer or Supplier, Will Anything Change?

No functional change is anticipated for Assured Group Of Companies products and services, however as part of our GDPR readiness preparations we are updating and creating relevant policies and procedures, which will be published and notified to applicable users as appropriate


Assured Group of Companies policies are being reviewed and updated to contain wording that aligns with the requirements of GDPR

As relevant policies and procedures are updated for the Assured Group Of Companies’ products and services, users will be notified accordingly

Where users have already consented to receiving material such as the Assured Group Of Companies updates, we provide the ability for users to change or withdraw consent in line with legislative requirements

As part of the service and products we provide, the Company will continue to review the business purpose for using personal information and as such there may be future changes to relevant policies and procedures, including consent issues.


Will the Assured Group Of Companies Customers Need a Data Processing Agreement?

A Data Processing agreement will not be needed by many customers – instead, updates where applicable to contractual documentation, should be sufficient.


Assured Group of Companies policies have been updated to align with the requirements of GDPR and this should be sufficient for many of our customers.

A commercial customer may require a Data Processing Agreement/Addendum to help demonstrate it is meeting its obligations with respect to GDPR. In such cases, Assured Group of Companies will provide a suitable template populated with the necessary details.


Who / where do I go to if I have any other queries about Data Protection at the Assured Group of Companies?

Direct all enquiries to our Data Champions by emailing info@assuredgroup.org


Depending on the nature of the query, this will be responded to by the appropriate Data Champion in respect of customer, supplier or employee issues.

Data Protection Policy:

Our Data Protection Policy sets out how we action the protection of business and personal data for our Customers, Employees and Suppliers.

Click here to download our Data Protection Policy
Privacy Policy:

The Assured Group of Companies are committed to protecting and respecting the privacy of the data we use for our business. Our Privacy Policy sets out the basis on which any personal data which is collected by, or provided to us, will be processed.

Click here to download our Privacy Policy
Data Privacy Notice for Suppliers:

This Data Privacy Notice for Suppliers sets out the basis on which any personal data we collect or are provided with from suppliers (including contractors and sub-contractors), is processed by us.

Click here to download our Data Privacy Notice for Suppliers
Website Terms of Use:

Our Website Terms of Use explains the basis on which you may access, browse, or register on our site. We ask all our website users to read these terms carefully before using www.assuredgroup.org

Click here to download our Website Terms of Use
Acceptable Use Policy:

Our Acceptable Use Policy sets out the permitted and prohibited uses of this website.

Click here to download our Acceptable Terms of Use Policy
Cookie Policy:

In our Cookie Policy we explain about the types of Cookie the website produces and what these are used for.

Click here to download our Cookie Policy


For any queries relating to any of our policies or Data Protection at the Assured Group of Companies, please contact our Data Champions on info@assuredgroup.org