General Data Protection Regulation Policy
NimbusPost UK LTD (“hereinafter referred to as “NimbusPost UK/We/Our”) having registered office at Unit 6 Drummonds Place, St. Margaret, Twickenham, TW1 1JN act as a data processor on behalf of its customers who, as data controllers, submit data by using the Platform which includes the website, digital applications including but not limited to Mobile Applications, in order to access the services of NimbusPost UK. In exceptional cases the data so provided will relate to an identifiable subject and so is defined as “personal data” under EU General Data Protection Regulation 2016/679 (“GDPR”). This document serves the purpose of the written contract required to be in place between NimbusPost UK and its customers clarifying their responsibilities and liabilities under GDPR.
Terms of Processing
- We will act only upon on the written instructions of the Customer in processing any data supplied (“the Data”), personal or otherwise, unless required by law to act without such instruction.
- We ensure that data is subject to confidentiality and all the employees of Nimbuspost UK are bound by policy for the purpose of processing.
- NimbusPost UK will immediately inform the Customer if it is asked by a third-party to infringe GDPR or any other applicable data-protection law related to the Data.
- As a controller, NimbusPost UK will co-operate with supervisory authorities in accordance with Article 31; ensure the security of the processing in accordance with Article 32; keep records of the processing activities in accordance with Article 30.2; and notify any personal data breaches to the supervisory authorities within 72 hours in accordance with Article 33.
- NimbusPost UK will ensure that all the information by Supervisory Authority, relevant to meet an equivalent audit or inspection or any connected legal obligations are provided to the Controller in time bound manner.
Details of Processing Data
- NimbusPost UK process the data by supplying the same to the courier partners or by processing the information so as to produce and print despatch documentation.
- Data is also used for tracking information and for customer services.
- Data is submitted by NimbusPost UK to the courier partners for despatching services or conducting delivery and that data will be stored by courier partners according to their own processing terms.
- NimbusPost UK will be committed to ensure that all the personal information that it holds is protected, and it provides transparency on the steps to protect all such data. We will recognise our obligations in updating and expanding this program to meet the requirements of GDPR.
- We will be dedicated to safeguarding the personal information under our control and in maintaining a system that meets our obligations under the new regulations.
- As Nimbuspost UK is a controller, we ensure that Customers Data is processed in accordance with the General Data Protection Regulation (GDPR) and Customers rights are protected. Customers Data is always treated as confidential and not disclosed to a third party for marketing purposes. All Data will be securely logged and kept on our EU based Cloud servers and can be requested by you for review at any time. We do not have any automated processes and we will only keep Data for the purpose of supply of service to Cusotmers and for good business practice and administration.
GDPR Roles and Employees
- NimbusPost UK has designated (Name of the officer) as our Data Protection Officer who will be responsible for promoting regular compliance and awareness related to GDPR Policy, identification of the gap areas, and implementation of New Policies and measures.
- NimbusPost UK is very well concerned about continuous employee awareness who are involved in making plans and continued compliances under GDPR.
Team NimbusPost UK respect Customers privacy and are committed to protect Customers personal data.