General Data Protection Regulation (GDPR)
Unze London is committed to high standards of information security, privacy and transparency and will comply with the General Data Protection Regulation (GDPR).
Unze London overall approach to data protection
We have numerous data policies, procedures and processes in place to manage compliance with data protection law. Internal policies are managed by the Company Secretary and signed off by senior executives as part of Unze London standard governance process. These internal policies relate to information security and data protection, all of which have been reviewed and updated in-line with GDPR.
You can view our privacy notice on our website, which you can find here: https://www.unze.co.uk/privacy-policy.
Unze London also has its own Data Protection Officer.
We strive to ensure the protection of all the personal data on our customers, as well as all other information we hold so that we have the trust of our customers and regulators when we innovate and use the information we hold in new ways.
Unze London role as a data controller
Where Unze London is requested to deliver mail or parcels (including where an organisation provides personal data as ‘pre-advice’ for delivery purposes) we take the view that we are acting as the data controller for these services.
We sometimes receive GDPR questionnaires from organisations which have assumed that we are acting as their data processor when delivering mail, which in the majority of cases is incorrect. Where we act as a controller we take on controller responsibilities and therefore do not intend to provide detailed responses to those questionnaires.
Unze London takes the security of our customers’ mail very seriously. We have robust approaches to security of mail and are committed to maintaining our high standards in meeting and exceeding the expectations of our customers.
Ensuring our people are aware of the requirements for the security and integrity of the mail form a central part of our recruitment, induction, training and day to day activities. The security and integrity of mail services is regulated by Ofcom.
Unze London has internal data retention policies which cover the requirements for data retention and secure disposal/destruction of information waste in compliance with the Group’s legal and regulatory obligations.
Processing outside of the EEA
Unze London may need to transfer personal data about customers to third parties located outside the UK. If we do, we will ensure that data is protected to a level which meets the requirements of UK law. We are committed to being recognised as the best delivery service in the UK and across Europe.