Best Business Services Ltd t/a Best Reception Supplemental Clause / Revision to terms re compliance with GDPR (Last Revision May 2018)

These Terms & Conditions of Business are between the “Customer” or “You” which refers to the individual, company or any other entity which engages the services of Best Business Services Ltd, (Trading as Best Reception) hereinafter referred to as the “Supplier”, “Us” or “We”.

We use the information you provide primarily for the provision of services to you and for related purposes including updating and enhancing Customer records; analysis to help us manage our business; statutory returns and legal and regulatory compliance.

Our use of that information is subject to your instructions, data protection law and our duty of confidentiality.

Please note that We may also give such information to others who perform services for us, such as IT service providers. Our business may be audited or checked by our accountants or by other organisations.

We do not normally copy such information to anyone outside the European Economic Area. All such third parties are required to maintain confidentiality in relation to Customer data. You have a right of access under data protection law to the personal data that we hold about you. We seek to keep that personal data correct and up to date. You should let us know if you believe the information we hold about you needs to be corrected or updated.

If You send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us. We may from time to time send You information which We think might be of interest to You (for example about our other services).  If you do not wish to receive that information please notify Us, preferably in writing.

Both parties will comply with data protection legislation for the time being in force. Without prejudice to the general obligation above, if either party sends personal data to the other party they will comply with the following obligations:

(i) the party which sends the personal data will ensure they have any appropriate consents and notices in place to enable them to transfer that personal data, and so that the party which receives the personal data may use it for the purposes for which they provide it;

(ii) the party which receives the personal data will do the following:

(a) apply appropriate measures to ensure that it is kept confidential and secure;

(b) not further transfer the personal data outside of the European Economic Area without first obtaining the consent of the other party and putting in place appropriate safeguards in relation to the transfer;

(c) inform the other party immediately upon becoming aware that a breach of security has taken place;

(d) assist the other party in responding to a request from a data subject or regulator so that the other party can fully and promptly comply with its obligations under data protection legislation;

(e) at the written request of the other party, delete or return personal data unless it is required by law to retain such personal data or has some other good and sufficient justification for retaining such personal data.