This GDPR Information Board has not been checked by a lawyer at Legal Partners.

Professional Printing, Inc.

64 Division St, Bangor, ME 04401, USA

http://www.professionalprinting.com

The Controller appointed a person with the protection of personal data who can be contacted by means of appointed.person@professionalprinting.com

Customers (purchasers)

Fulfilling accounting and tax obligations

Processed personal info

Name, ID, VAT ID, Permanent residence, Customer Representative

Recipients or categories or recipients of personal data, including recipients in third countries or international organizations

Tax Office

Details

Persons who have access to data subjects' personal data.

Envisaged time limits for erasure of the different categories of data

Set out in law

Details

Presumed deadlines for erasure of data subjects' personal data.

Access rights (job or employee's name)

Accounting Department staffCompany management

Details

Information about who is authorized to process data subjects' personal data.

The use of pseudonymization or encryption

No

Details

These are ways of securing a subject's personal data. Pseudonymization makes it impossible to match the subject's identity to the subject's personal data. Encryption makes the data unreadable to other parties.

Confidentiality measures (admission management; access management; data classification system) and integrity measures (transfer and handling management)

Username and password for access to personal dataAccess logging

Details

A specific way or ways to secure a subject's personal data.

Availability and resilience of the processing systems and services (availability management, swift recovery after an incident)

UPSFirewall

Details

The data specify how the service or system processing a subject's personal data is resilient to an outage and how quickly after such incident the service or system renews its operation.

Procedures for regular review and assessment of measures (management of personal data protection, incident management, standard protection of personal data, processing management)

Internal process for incident management

Details

Reviewing the course of processing of a subject's personal data, updating of information about the processing and of the personal data as such.

Joint controller(s) (if they exist)

None

Details

Persons who determine the means and purposes of processing personal data.

Where does processing take place in your organization (e.g. what department)?

Accounting DepartmentCompany management

Details

Parts of the organization where personal data are processed.

Legal grounds for processing

Compliance with a legal obligation, performance of a contract

Details

Legal facts giving ground to to processing of the personal data.

From whom does my organization receive personal data?

Customers

Details

Information whether the processed personal data comes from the data subjects, the organization's own activities or other sources.

Is provision of personal data obligatory and what does this requirement arise from?

Arises from the law and the contract, it is obligatory

Details

If personal data are provided by the data subjects, this states the reason why the organization needs the data and whether their provision is obligatory.

Are automated decisions or profiling used?

No

Details

This entry states whether automated decisions (without human interventions), including profiling (forecasting future behaviour), take place in the organization based on a subject's personal data.

Where does the organization store the consents to processing of personal data?

-

Details

The place where the organization stores the subject's consent to processing of personal data.

The means of informing the subject (document, validity of the document, means)

Privacy Policy of 25 May 2018 available under company's website

Details

Information about the way and time when the organization informed the data subjects about processing of their personal data.

Non-electronic data storage - Means of storing personal data

-

Details

The location and means of storing the data subject's perosnal data if stored in their physical form.

Electronic data storage

InvoicingPRO running on own servers

Details

Location and means of storing a data subject's personal data if the organization stores them in an electronic form.

Details of the processor(s)

-

Details

This field states information about the processor(s) of personal data whom the company engaged in the processing of the data subject's personal data.

Note

-

Database of customers

Processed personal info

Name, ID, VAT ID, Permanent residence, Customer Representative

Recipients or categories or recipients of personal data, including recipients in third countries or international organizations

None

Details

Persons who have access to data subjects' personal data.

Envisaged time limits for erasure of the different categories of data

Guidelines for Shredding Of Documents

Details

Presumed deadlines for erasure of data subjects' personal data.

Access rights (job or employee's name)

Sales Department StaffProduction Department staffCompany management

Details

Information about who is authorized to process data subjects' personal data.

The use of pseudonymization or encryption

No

Details

These are ways of securing a subject's personal data. Pseudonymization makes it impossible to match the subject's identity to the subject's personal data. Encryption makes the data unreadable to other parties.

Confidentiality measures (admission management; access management; data classification system) and integrity measures (transfer and handling management)

Username and password for access to personal dataAccess logging

Details

A specific way or ways to secure a subject's personal data.

Availability and resilience of the processing systems and services (availability management, swift recovery after an incident)

UPSFirewall

Details

The data specify how the service or system processing a subject's personal data is resilient to an outage and how quickly after such incident the service or system renews its operation.

Procedures for regular review and assessment of measures (management of personal data protection, incident management, standard protection of personal data, processing management)

Internal process for incident management

Details

Reviewing the course of processing of a subject's personal data, updating of information about the processing and of the personal data as such.

Joint controller(s) (if they exist)

None

Details

Persons who determine the means and purposes of processing personal data.

Where does processing take place in your organization (e.g. what department)?

Sales DepartmentProduction DepartmentCompany management

Details

Parts of the organization where personal data are processed.

Legal grounds for processing

Compliance with a legal obligation, performance of a contract

Details

Legal facts giving ground to to processing of the personal data.

From whom does my organization receive personal data?

Customers

Details

Information whether the processed personal data comes from the data subjects, the organization's own activities or other sources.

Is provision of personal data obligatory and what does this requirement arise from?

Arises from the contract, it is obligatory

Details

If personal data are provided by the data subjects, this states the reason why the organization needs the data and whether their provision is obligatory.

Are automated decisions or profiling used?

No

Details

This entry states whether automated decisions (without human interventions), including profiling (forecasting future behaviour), take place in the organization based on a subject's personal data.

Where does the organization store the consents to processing of personal data?

-

Details

The place where the organization stores the subject's consent to processing of personal data.

The means of informing the subject (document, validity of the document, means)

Privacy Policy of 25 May 2018 available under company's website

Details

Information about the way and time when the organization informed the data subjects about processing of their personal data.

Non-electronic data storage - Means of storing personal data

-

Details

The location and means of storing the data subject's perosnal data if stored in their physical form.

Electronic data storage

SugarCRM Community Edition running on own servers

Details

Location and means of storing a data subject's personal data if the organization stores them in an electronic form.

Details of the processor(s)

-

Details

This field states information about the processor(s) of personal data whom the company engaged in the processing of the data subject's personal data.

Note

-

The attached summary shows you individual rights that data subjects may claim according to GDPR.

View data subjects' rights

Copyright GDPRset.com in cooperation with Legal-Partners.org