DSAR Policy

Updated March 10,2025

Potenza Building Materials Ltd.– Data Subject Access Request (DSAR) Policy

  • Effective Date: 1-Sep-2022
  • Last Updated: 5-Jan-2025

1. Introduction

Potenza Building Materials Ltd. is committed to protecting personal data and upholding the rights
of individuals under the UK General Data Protection Regulation (UK GDPR). This policy
outlines the process for handling Data Subject Access Requests (DSARs) to ensure compliance
and transparency in responding to such requests.

2. Scope

This policy applies to all individuals whose personal data is processed by Potenza Building Materials Ltd., including:

  • Customers
  • Employees
  • Suppliers
  • Any other data subjects
  •  

It covers requests related to access, correction, deletion, and processing restrictions of personal
data.

3. Data Subject Rights

Under UK GDPR, individuals have the right to:

  • Access their personal data (Right of Access)
  • Correct inaccurate or incomplete data (Right to Rectification)
  • Request deletionof their personal data (Right to Erasure)
  • Restrict processingof their personal data (Right to Restriction)
  • Objectto the processing of their data (Right to Object)
  • Receive data in a portable format (Right to Data Portability)

4. Submitting a DSAR

Individuals can submit a Data Subject Access Request (DSAR) through any of the following channels:

  • Email: [hr@potenza-uk.net]
  • Postal Mail: 4th Floor, 18 St. Cross Street, 4th Floor, 18 St. Cross Street, London, England,

4.1 Required Information for DSAR Processing

For security and verification purposes, requestors must provide:

  • Full Name
  • Contact Information
  • Details of the requested information
  • Proof of identity (e.g., passport, driver’s license, or utility bill)

Incomplete DSARs may be subject to additional verification steps.

5. DSAR Handling Procedure

Step 1: Acknowledgment

  • Potenza Building Materials Ltd. will acknowledge receipt of the DSAR within 3 working days and confirm:
  • The request has been received.
  • The expected processing time (normally one month).
  • Any additional verification required.

Step 2: Identity Verification

  • If necessary, the requestor will be asked to provide additional identification documents to confirm their identity before processing the request.

Step 3: Data Collection & Review

  • The Data Protection Officer (DPO) will locate relevant personal data stored in:
  • Customer databases (CRM)
  • Employee records (HR systems)
  • Email archives & support logs.
  • Marketing platforms & third-party services
  • Important: Any third-party data within the records must be redacted before disclosure.

Step 4: Response & Delivery

  • Once processed, the response will be sent securely via:
  • Encrypted email (preferred method)
  • Password-protected document
  • Hard copy (if specifically requested)
  • Timeframe: DSARs will be completed within one month from the date of receipt. If the request is complex, Potenza Building Materials Ltd. may extend the response time by an additional two months, with prior notification.

Step 5: Handling Special Requests

  • Data Correction: Inaccurate data will be updated, and confirmation will be sent to the requestor.
  • Data Deletion: If applicable, data will be erased unless legally required to retain it.
  • Processing Restriction: The processing of specific data will be halted if requested.

Step 6: Record Keeping

  • Potenza Building Materials Ltd. will maintain a DSAR log for compliance purposes. However, we will not store unnecessary personal data beyond legal retention periods.

6. Refusing a DSAR

Potenza Building Materials Ltd. may refuse or charge a reasonable fee for DSARs if:

  • The request is excessive or repetitive.
  • The request is unfounded, such as one made with malicious intent.
  • The requested data is legally exempt (e.g., legal privilege, trade secrets).

Requestors will be informed within one month if their DSAR is denied, along with an explanation.

7. Reporting a Data Breach

If a DSAR reveals a potential data breach, Potenza Building Materials Ltd. will follow the ICO
breach reporting guidelines and report significant breaches within 72 hours.

8. Contact Information

  • For any DSAR-related queries, please contact:
  • Data Protection Officer (DPO)
  • Email: privacy@potenza-uk.net
  • Address: 4th Floor, 18 St. Cross Street, 4th Floor, 18 St. Cross Street, London, England, EC1N 8UN

Approval & Review

  • Approved by: Khuzamah Ghanem
  • Review Date: 5-January-2025

Stay Connected With Potenza

Contact Info

  • Email: info@potenza-uk.net
  • Phone: +44 7360 787138

4th Floor, 18 st. Cross Street, London, United Kingdom

Useful Links

Contact Us

Support/ FAQ

Privacy Policy

Terms and Conditions

DSAR Policy

Subscribe our Newsletter

Discover premium office furniture solutions tailored for your business needs today!

Facebook Twitter Youtube Linkedin

Potenza Building Materials Ltd. is registered with the ICO (Reg. No: ZB874132). We comply with UK GDPR & Data Protection Act 2018

Developed by Vegasweb

Login

CREATE AN ACCOUNT