GDPR Policy Statement
On 25 May 2018, the EU General Data Protection Regulation (GDPR) came into force.
Hilco Appraisal Limited t/a Hilco Valuation Services Europe (“Hilco”) has always taken data protection seriously and during 2017 and 2018 updated its processes and documentation to meet the requirements of the GDPR.
The changes made ensure that the personal information of our customers, clients and employees continue to be handled in accordance with the updated regulations and the principles of transparency, fairness and accountability.
Our programme addressed:
- Reviewing our enterprise wide information framework. Confirming that confidentiality integrity and availability of personal information is assured through appropriate technical and organizational measures.
- Ensuring our incident response process remains effective and our breach of security notification procedure fulfills the requirements of the regulation.
- Confirming our main frame computer system, management laptops and mobile phones are all secured through log in, passwords and pin/fingerprint access.
- Appointing an independent Data Protection Officer who oversees and monitors our data services.
- Prior to GDPR coming into force, we identified the data we held by type and sensitivity.
- We e-mailed our clients and customers setting out exactly what type of information we held and reminded them of their right to be deleted.
- An ‘unsubscribe’ option is included on all e-mails and information sheets, auction details etc. distributed by the business. Third parties can also write to GDPR office at Hilco Appraisal Limited, 3 St Helen’s Place, London EC3A 6AB requesting deletion from our records.
- Our employees have reviewed and confirmed the personal data held about them by the company.
- We do not pass personal data to third parties for marketing, market research or commercial purposes. The only exception will be where we are obliged by law or a governmental or regulatory body.
Third Party Management
- We ensure that the partners and suppliers we work with have addressed their obligations in respect to data privacy and security.
- Existing suppliers/service providers handling personal data were contacted before 25 May 2018 and requested to advise us of the procedures they have in place to secure and safeguard our data. Similar steps will be taken with any new suppliers.
Policies and Procedures
- We regularly review our standards and processes to define the personal information lifecycle and ensure data transparency, accuracy, accessibility and security.
Should you require any further information please contact firstname.lastname@example.org