We are committed to:
We recognise our obligations under the Data Protection Act 2018 and the provisions of Regulations (EU) 2016/679 (the General Data Protection Regulations “GDPR”).
We confirm that:
We shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection legislation to ensure all data is:-
Processing of Personal Data (including special categories of data)
Processing of such Personal Data will only be carried out if it is necessary:
In the course of providing our services to you we may receive from you and hold Personal Data and/or special categories of data about you, your ocers and/or employees and in some cases, your clients/customers/service users, suppliers or other business associates. We will only collect personal data and special categories of data that is required.
Type of data we may collect
|CLIENTS||PROSPECTIVE CLIENTS||EMAIL UPDATE RECIPIENTS||EMPLOYEES|
|Business Postal Address||
|Bank Account details (where appropriate)||
|Details of specific employees including:|
|Name and Address||
|Date of birth||
|Sickness Record/Medical Details||
Our policy on collecting data from children
We do not collect personal data from children under the age of 16.
Why we need to collect Personal Data
We need to know the above personal data in order to:
We need to know the above personal data in order to enter into pre-contractual discussions and alert you to our products/services.
Email Update Recipients:
We need to know the above personal data in order to provide you with the Information Update either to fulfil a contractual obligation; or in the performance of a legitimate interest; or because we have your consent.
We need to know the above personal data in order to perform the contract of employment and manage the employment relationship.
How we use your personal data
Your personal data will only be used for the purposes for which you provided it to us, as indicated above. It will also be used to administer, support and obtain feedback on the level of our services, and to help prevent breaches of security, the law or our contract terms.
What we do with it
We take all reasonable steps to ensure that your personal data is processed securely.
All the personal data we hold about you will be processed by our sta in the United Kingdom.
Other than with an entity within the group:
We have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only authorised employees, and authorised employees of our Third-Party service providers’ processing data on our behalf, have access to your personal data. All employees who have access to your personal data are required to adhere to the Company’s Privacy Notice and all third-party service providers are requested by the Company to ensure that any of their employees who have access to your personal data maintain confidentiality. In addition, contracts are in place with such third-party service providers acting as data processors for the Company that have access to your personal data, to ensure that the level of security required in your jurisdiction is in place, and that your personal data is processed only as instructed by the Company.
We have reviewed our procedures for the detection, reporting and investigation of data breaches.
Retention of your personal data
We will retain your information only for as long as is necessary for the purposes set out in this statement. The Company will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/ revenue laws), resolve disputes, and enforce our agreements.
You can request details of all data we hold about you by submitting a subject access request to the Data Protection Ocer, at the address provided below. We aim to comply with such a request from you within one month of the request being made. Where we cannot provide you with this information within one month; we shall inform you of this and provide the reasons why this cannot be achieved; at which point, we shall have a total of 3 months to comply with this request.
In the event that your data is incorrect; you have the right to have this rectified by us. In the event that any of your data is incorrect, please contact the Data Protection Ocer at the address provided below.
You have the right to object to our processing of your data. Please note, that where we need to process your data for reasons such as the defence of claims, we shall not be required to cease processing your data. In the event that you wish to object to us processing your data, please contact the Data Protection Ocer (contact details below).
You have the right to request that we delete your data provided that; we no longer require your data; or there is no legitimate legal basis for us to process your data; or we have unlawfully processed your data; or the data must be erased in order to comply with the law.
If you have grounds to request that we delete your data, and you wish to do so, please contact the Data Protection Ocer (contact details below). We shall not charge a fee for your data to be deleted from our databases.
You have a right to complain about the way we are holding or using your data and should you wish to do so, you should contact the Data Protection Ocer (contact details below). If you remain unsatisfied with our response, you can refer the matter to the Information Commissioner’s Oce. Information on how to do this can be obtained from www.ico.org.uk.
How to contact the Company
The Data Protection officer can be contacted at:
Sentient, 1 Airport West, Lancaster Way, Leeds, LS19 7ZA
If you have any questions about this Privacy Notice or our data collection practices, please contact us at the address, telephone number or email listed above detailing the nature of your question.