General Data Protection Regulations 2018 (GDPR) - AM Lighting Ltd Trading as AML Event Hire
What information do we collect?
New regulations, that became effective from 25th May 2018, enhance the degree of protection
that members of the public can expect from all companies and bodies who hold or process data
about them, if that data “relates to a living individual who can be identified from it”. This is an
evolution of the existing protections set out in the Data Protection Regulations 2016 and before.
Further protections apply to “sensitive” personal data.
AM Lighting Ltd is both a data controller and a data processor. We both hold information about
you and make use of it, in a variety of ways including the possibility of making decisions about
what we do because of information drawn from analysing the data we hold on individuals. We
therefore both hold and process your data and are governed by the GDPR.
We obey the Principles relating to data processing in the GDPR:
1. Personal data will be processed fairly and lawfully. (Principle 1)
2. Data will only be collected and used for specified purposes. (Principle 2)
3. Data will be adequate, relevant and not excessive. (Principle 3)
4. Data will be accurate and up to date. (Principle 4)
5. Data will not be held any longer than necessary. (Principle 5)
6. Data will be processed in accordance with your rights (Principle 6)
7. Data will be kept safe from unauthorised access, accidental loss or damage. (Principle 7)
8. Data will not be transferred to any country outside the United Kingdom unless that
country has equivalent levels of protection for personal data. (Principle 8)
We will collect personal information about you when you contact AM Lighting Ltd directly or
through our websites, by telephone, post, e-mail, or through any other means for the following
When processing quotations or orders
When a customer is hiring our equipment
When we are performing detailed tasks as requested by a customer
Dealing with complaints
If you choose not provide some or all of the information we require to carry out the service you
require, you may not be able to use some of our services.
The information we collect may include basic personal details such as your name, address, email
address, telephone number, date of birth, emergency contact details, driving licence, proof of
All copies of such documents are stored electronically on our Current RMS hire software and by
hard copy which is kept in a locked office, drawer or filing cabinet where unauthorised people
cannot see it. Our Current RMS hire software is fully GDPR compliant and has included addition
control measures to ensure our compliance. Copies of personal data such as these are shredded
and disposed of securely when no longer required. Additionally, e-mails may copied and stored by
UK2.net as our computer systems access all emails via the UK2.net servers.
We also gather data from a variety of other sources. This can help to provide us with access to
information regarding the location, use, application of our equipment whilst out on hire that may
have given us cause for concern. These sources may be venues or event spaces that we have
dealings with or not.
The personal data we hold will be treated as strictly confidential and will only be shared within
the organisation to those who require if for the purpose of the carrying out the task for which the
data was collected for.
Your personal data will only be shared with third parties on a need to know basis, and for them to
carry out the task for which the personal data was collected for i.e. to check for driving
endorsements, proof of address etc.
Examples of third parties we may share your data with:
▪ Local Authorities/Police when dealing with Penalty Charges, parking notices or toll fines.
▪ Small Claims Courts/Debt Recovery Agencies when Recovery of vehicles/equipment or monies is
▪ Merchant Services when handling payments
▪ Delivery and collection drivers when delivering and collecting hired vehicles
▪ Rental companies working with us to service your hire.
We do not hold or process biometric, generic or health data on you, and we do not undertake any
automated or profiling activities on any data we hold.
Data subjects have new rights: transparency, access to records, rectification of errors, restriction
on data use or sharing, portability of records we hold, the right to object to automated
processing or profiling – which we don’t do – and the right to have your records erased.
Requests for access to data will be met within one month and are free of charge. We are however
permitted to charge for excessive or repeated requests and reserve the right to do so to cover
administrative time spent.
Our Data Processing Compliance Officer is: Alistair McCready
AM Lighting Ltd
1st January 2021
You can download a copy of this document HERE