Data Protection and Privacy Policy

Purpose

CAN Solutions is committed to ensuring the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy outlines how we collect, use, store, and protect personal data, ensuring transparency and trust with our customers, employees, and partners.

Our Commitment

We are committed to:

  • Collecting personal data lawfully, fairly, and transparently, ensuring it is relevant and limited to what is necessary for our legitimate business purposes.

  • Keeping personal data secure with appropriate technical and organisational measures.

  • Ensuring that individuals' rights to access, correct, or delete their data are respected.

  • Providing clear information on how we use and share personal data.

Data Collection and Use

We collect personal data only for specific, legitimate purposes, including:

  • Providing our services to customers and managing customer relationships.

  • Administering employee records and ensuring compliance with employment laws.

  • Complying with legal obligations and responding to regulatory requests.

Data Sharing

We will not share personal data with third parties unless:

  • It is required to fulfil a contractual obligation or provide a service.

  • The individual has given explicit consent.

  • We are required to do so by law or regulatory authorities.

Data Security

We have implemented security measures to protect personal data from unauthorised access, accidental loss, or destruction. This includes encryption, secure servers, and regular data protection training for staff.

Rights of Data Subjects

Individuals have the right to:

  • Request access to the personal data we hold about them.

  • Request correction or deletion of their personal data.

  • Object to the processing of their personal data.

  • Request restriction of processing or data portability.

  • Lodge a complaint with a supervisory authority if they believe their data rights are being violated.

Monitoring and Review

This policy will be reviewed annually or in response to changes in data protection laws. All employees will receive ongoing training to ensure they understand and comply with GDPR requirements.