RIGHT OF INFORMATION
Under Article 13 and 14 of the GDPR, you have a right to be informed as to how your personal data is being processed (handled or used) by an organisation. In particular, at the time the organisation obtains personal data from you, it should advise you of (among other things), the purpose(s) of – and legal basis for – the processing of your data; any other recipient(s) of your data); how long it retains your data, or the criteria by which it determines how long it retains your data; and the existence of any automatic decision making processes applied to your data.
Moreover, where the personal data has not been obtained from you, the organisation must provide you with additional information relating to the types of personal data it holds and how it obtained this data. This information should be provided to you within a reasonable period, and at the latest within a month of the organisation obtaining the data (as per Article 12 of the GDPR). If the data is used to communicate with you, the information about the types of data obtained and how it was obtained should be provided to you, at the latest, when the first communication takes place. If it is expected that your personal data will be disclosed to another recipient, the information should be provided to you when your personal data is first disclosed.
RIGHT OF ACCESS
Under Article 15 of the GDPR, you have a right to obtain a copy, of any information relating to you kept on computer or in a structured manual filing system or intended for such a system by any organisation. All you need to do is write to the organisation and request, under the GDPR, a copy of the personal data it holds in relation to you.
Collection and use of personal information
Industrial Management Systems does not collect any personal data about you on its website. Any personal information that you volunteer to the company (for example an email communication instigated by you) will be treated with the highest standards of security and confidentiality, strictly in accordance with the Data Protection Act, 1988, as amended by the Data Protection (Amendment) Act, 2003. Any information that you provide in this way is used by the company only in line with the purpose for which you provided it and as governed by the Office of the Data Protection Commissioner.