Data Processor Statement
AGA Print Ltd Data Processing Statement
Name of Data Processor:
AGA Print Ltd (trading as Solopress) registered in England and Wales under registration number 01717223. Our registered office address is 9 Stock Road, Southend-On-Sea, Essex, SS2 5QF.
In accordance with Article 37 of the General Protection Regulations (GDPR), the Company has appointed Data Protection Officer who may be contacted at the following address:
The Data Protection Officer
c/o AGA Print Ltd
9 Stock Road
Email: [email protected]
This statement should be referred to where a Data Controller (as defined by the GDPR) engages AGA Print Ltd as a Data Processor to provide printing services and that provision of services involves the processing of client personal data.
Data Protection Compliance
All personal data will be processed in accordance with the instructions from the Data Controller and processed in such a manner as is necessary for the provision of services. Personal data will not be used for any other purpose.
Both Data Controller and Data Processor will comply at all times with the GDPR and all applicable laws.
The Data Processor will:
- Process the Personal Data received only to the extent and in such a manner as is necessary in order to supply services/goods to the Data Controller or as may be required by law (in which case the Data Processor shall inform the Data Controller of the legal requirement in question before processing the Personal Data for that purpose unless prohibited from doing so by law);
- Not Use any personal data for any other purpose other than provision of the above services;
- Implement the appropriate measures in order to meet the requirements of the GDPR and protect the rights of data subject;
- Act promptly with any request (in writing) from the Data Controller requiring the Data Processor to amend, transfer, delete, or otherwise dispose of the personal data;
- Assist (at the Data Controllers cost) the Data Controller in dealing with requests from Data Subjects, dealing with data breaches and conducting impact assessments;
- Make available to the Data Controller or (if required) the Information Commissioners Office (ICO) any information required to demonstrate our compliance with GDPR;
- Have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to data;
- Maintain personal data in confidence and take all reasonable steps to ensure that any persons authorised to process personal data (staff, contractors, agency or other workers etc.) have contractually committed themselves to confidentiality and will receive ongoing training on the appropriate handling of personal data;
- Not process personal data outside the European Economic Area (EEA) this includes all EU member states plus Iceland, Liechtenstein and Norway without the prior written permission of the Data Controller. Where the Data Controller consents to such a transfer the Data Processor must comply with GDPR by providing the adequate level of protection to any personal data which is transferred;
- Not keep the data for any longer than is necessary for the performance of the services, taking into consideration any legal, accounting or reporting requirements;
For and on behalf of AGA Print Ltd