GDPR Policy

Introduction

 

MMD Technology ("we", "our", or "us") is committed to ensuring the protection of personal data and respecting the privacy rights of individuals. This General Data Protection Regulation (GDPR) Policy outlines how we collect, use, store, and protect personal data, particularly in relation to call recordings on behalf of our clients.

 

Scope

 

This policy applies to all personal data processed by MMD Technology, including data collected from our clients, their customers, and any other individuals whose personal data we handle.

 

Data Collection and Use

 

Call Recordings: We collect and store call recordings on behalf of our clients. These recordings may contain personal data, including names, contact details, and other information shared during the call.

 

Purpose: Call recordings are primarily used for quality assurance, training, dispute resolution, and as required by law or regulatory bodies.

 

Consent: Before recording any call, all parties will be informed of the recording and its purpose. Consent will be obtained where necessary.

 

Data Storage and Security

 

Storage: Call recordings are stored securely in data centres located within the UK.

 

Security: We employ robust security measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, access controls, and regular security assessments.

 

Data Retention

 

Call recordings are retained for a period of [specific duration, e.g., "6 months"], after which they are automatically deleted unless required for legal or regulatory reasons.

 

Data Subject Rights

 

Under GDPR, individuals have the right to:

 

- Access their personal data.

- Rectify incorrect data.

- Erase their data.

- Restrict or object to processing.

- Data portability.

- Withdraw consent.

 

To exercise these rights, individuals can contact our Data Protection Officer at [DPO's email address].

 

Data Sharing

 

We do not sell or rent personal data. We may share personal data with third parties only when necessary for the purposes outlined in this policy, or when required by law.

 

Any third-party processors we engage are required to adhere to GDPR and ensure the protection of personal data.

 

Transfers Outside the EEA

 

While our primary data centres are in the UK, we may occasionally transfer personal data outside the European Economic Area (EEA). In such cases, we ensure that adequate safeguards are in place, in line with GDPR requirements.

 

Changes to This Policy

 

We may update this policy from time to time. Clients will be notified of significant changes, and the latest version will always be available on our website.

 

Contact

 

For any queries or concerns related to this GDPR policy or our data protection practices, please contact our Data Protection Officer at:

 

- Email: sales@telcoworx.co.uk

- Address: 4 Edward Court, Broadheath, Altrincham WA14 5GL

 

Complaints

 

Individuals have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office (ICO), if they believe their data protection rights have been violated.

 

 

Last Updated: March 2023