GDPR Statement | National Pumps & Boilers

National Pumps and Boilers

GDPR Statement

National Pumps and Boilers take the security of data (both our own, our customers and suppliers and staff) very seriously. This statement aims to describe a framework under which National Pumps and Boilers can assure all concerned that their data is secure, that all staff are aware of GDPR Legislation and that National Pumps and Boilers reviews procedures to ensure full and continued compliance. 


All staff are aware of the requirements and have been encouraged to review documentation and ensure that they understand compliance. They are aware of the internal procedures should they have any concerns regarding non-compliance. 

Information We Hold

We hold data which contains information regarding our staff, our customers and our suppliers. This data is held securely on our own servers with the correct level of password security. 

Without this data we would not be able to provide the service we do. 

Individuals Rights 

National Pumps and Boilers will respect the rights of individuals as set out by GDPR. These rights are listed below:

The right to be informed – you have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. 

The right of access – you have the right to obtain access to your information (if we are processing it). This is so you’re aware and can check that we’re using your information in accordance with data protection law. 

The right to rectification – you’re entitled to have your information corrected if it’s inaccurate or incomplete. 

The right to restrict processing – you have rights to block or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. 

The right to erasure – this enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. 

The right to data portability – you have rights to obtain and reuse your personal data for your own purposes across different services. 

The right to object – you have the right to object to certain types of processing, including processing for direct marketing. 

Rights in relation to automated decision making and profiling. 

Subject Access Requests 

National Pumps and Boilers has a procedure for managing Subject Access Requests. Data would be provided as soon as possible. Please contact the person responsible for Data Processing. 

Lawful Basis for Processing Personal Data 

National Pumps and Boilers only uses personal data to enable the fulfilment of a contract for the purchase or sale of goods or to keep staff records up to date and to pay staff. Our privacy statement covers this in more detail. 

Data Breaches

National Pumps and Boilers operate on their own servers supplied by CNL Computers, Kendal Limited. Symantec Endpoint Protection protects the servers. All PCs and laptops at National Pumps and Boilers are password protected. Should a piece of equipment be lost or stolen, this would be reported to management immediately and any potential compromise of data would be communicated to the parties concerned. 

Person responsible for Data Protection

Financial Director is responsible for data protection and compliance with GDPR. Contact details: