STB Ltd (‘Surrey Translation Bureau’, ‘STB’, ‘we’ or ‘us’) prides itself on its commitment to privacy and all data received is assumed confidential, unless in the public domain. This Privacy Notice details how we use personal data in the context of GDPR regulations and is subject to review and updates which will be notified to relevant parties.
We assume that all businesses and organisations worldwide having dealings with STB are themselves aware and compliant with EU GDPR legislation and reserve the right to seek confirmation of their policies and practices.
What can be classified as personal data?
Personal data is anything that can make an individual identifiable and in the case of STB this includes job titles, contact details, photographs, CVs. We also collect and keep other non-personal information with the same level of confidentiality, for example business and financial details.
Who are our Data Controllers and Data Processors?
Data Controllers are responsible for collecting and storing information. At Surrey Translation Bureau, our key Data Controllers are the Managing Director, Head of Translation Operations , Compliance Officer, Resource Manager, Sales Manager and accounts staff. At STB however all our in-house staff may be considered as both Data Controllers and Data Processors. External Data Processors may be given this information for a specific task, and at STB this includes GDPR-compliant online platforms, and other service providers with whom appropriate confidentiality agreements and agreements are in place. The central contact for any concerns related to data processing is firstname.lastname@example.org.
Why is personal data collected and stored?
We primarily need this personal data in order to communicate with customers, suppliers and other businesses we come into contact with. We also have a practical need and legal duty to keep correspondence about contracts and quotations, and financial records including sales and purchase invoices.
Personal information about individuals in texts received for translation will only be processed as is necessary for the service requested by the client. We assume that all personal data sent to us by third parties is done with the necessary consent and knowledge of the data subject, or is in the public domain. We may collect and store other personal data that is either in the public domain or is sent to us for business and marketing purposes.
What will you do with my data?
We will only store on our databases personal data we consider necessary for contractual or legal reasons, or for marketing purposes with consent.
- Information and data including electronic files received from clients will be provided to external suppliers without specific client consent, only insofar as this is necessary to provide translation services requested according to our Terms and Conditions. All staff and external suppliers handling confidential data on behalf of STB Limited have signed non-disclosure agreements.
- Freelance translators. Collecting and processing personal data is done by internal staff. The identity of individual translators is not disclosed to clients without their permission although on occasion we may provide anonymous CVs.
- Newsletters and information emailed through an automated service to customers, translators and other interested parties have an unsubscribe function. Requests to delete the underlying record should go to email@example.com and will be actioned if there is no overriding reason to keep it.
- Other contacts kept for marketing purposes will be required to opt-in for us to retain their details.
- Interactions with STB via social media platforms are recorded within those applications. Website traffic is tracked purely for statistical reasons and not to identify individuals. Please note Surrey Translation Bureau’s website contains links to other sites which may collect personal data, for which we are not responsible.
Where will you store my data and who will have access to it?
All electronic data is stored securely, internally or externally, on GDPR-compliant platforms according to their terms and conditions. STB has appropriate confidentiality agreements with other third parties given access to this data, for example IT support. We will not pass on information about individuals to any other third parties unless agreed otherwise, as part of a text for translation, or if we are under a legal obligation to do so.
For how long will you store my data?
We will keep personal details on our databases for customers, translators and other suppliers for a maximum of 2 years from the date of last contact with that person, unless there is a request to delete the information. Personal information included in accounting records will be kept for a minimum of 7 years.
What if I want access to my data and what if it needs updating?
Requests for a copy of information held in a commonly used format and at no charge can be made to firstname.lastname@example.org. We expect to be informed of any changes by regular customers and suppliers, and will make any updates to our databases if specifically requested.