Supplies Wholesalers Data Subject Access Request (DSAR) Policy

Effective Date: 1/30/2020

Purpose

This DSAR Policy establishes a formal procedure for Supplies Wholesalers to handle requests from individuals seeking access to their personal data. This policy ensures that Supplies Wholesalers can respond effectively and compliantly to data subject access requests (DSARs) under applicable data privacy regulations, including GDPR where required.

1. Scope

This DSAR policy applies to all departments and personnel involved in handling personal data at Supplies Wholesalers, including data stored and processed in our e-commerce systems, databases, and fulfillment systems.

2. Rights of Data Subjects

Data subjects have the following rights regarding their personal data:

• Right of Access: To request a copy of their personal data.
• Right to Rectification: To correct inaccuracies in their data.
• Right to Erasure: To request the deletion of their data under specific circumstances.
• Right to Restriction of Processing: To limit processing of their data.
• Right to Data Portability: To receive their data in a commonly used electronic format.

 

3. Data Subject Access Request (DSAR) Process

1. Submission of DSAR
   

   Data subjects may submit a request for access to their personal data through:

   1. Email: DSAR@SuppliesWholesalers.com
   2. Mail: 425 Maestro Drive Suite 100 Reno, NV 89511
      
      
2. Identify Verification
   Supplies Wholesalers requires identity verification to ensure requests are made by the correct individual. Requesters will be asked to provide proof of identity, such as a government-issued ID or other forms of verification as applicable.
   
   
3. Data Retrieval and Processing
   

   Upon receiving a valid request, the following steps will be taken:

   1. Data Search: Relevant personnel will search applicable systems (databases, cloud storage, email, etc.) to locate personal data.
   2. Data Decryption: For any encrypted data, Supplies Wholesalers will follow secure decryption procedures. Decryption keys are stored separately in compliance with split-knowledge security practices.
   3. Data Consolidation: The located data will be consolidated into a single file or report for ease of review.
      
      
4. Response and Fulfillment 
   1. Supplies Wholesalers aims to fulfill DSARs within 30 days of receiving a complete, verified request. In cases where the request is complex, this timeframe may be extended, and the data subject will be notified of the extended period.
   2. The data subject will receive a copy of their data in a secure electronic format, such as CSV or PDF.

4. Ongoing Compliance and Review

1. Training
   All relevant staff, including IT and customer service, receive periodic training on DSAR handling, data retrieval, decryption, and data security best practices.

2. Documentation and Record-Keeping
   Supplies Wholesalers maintains records of all DSAR requests, including dates, types of requests, and fulfillment status, to ensure compliance and facilitate audits.

3. Policy Review
   This policy will be reviewed annually or as required to ensure compliance with evolving data protection regulations. Updates will be documented and communicated to all relevant personnel.

5. Contact Information

For any questions related to DSARs or this policy, individuals may contact:

Data Protection Officer (DPO): Alex Garcia

Email: agarcia@SuppliesWholesalers.com

Phone: +1 866-817-8795