PRIVACY STATEMENT & FAIR PROCESSING NOTICE

Statement

We are committed to:

We recognise our obligations under the Data Protection Act 2018 and the provisions of Regulations (EU) 2016/679 (the General Data Protection Regulations “GDPR”).

We confirm that:

Principles

We shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection legislation to ensure all data is:-

Processing of Personal Data (including special categories of data)

Processing of such Personal Data will only be carried out if it is necessary:

Information we hold

In the course of providing our services to you we may receive from you and hold Personal Data and/or special categories of data about you, your officers and/or employees and in some cases, your clients/customers/service users, suppliers or other business associates.  We will only collect personal data and special categories of data that is required. 

Type of data we may collect

 

CLIENTS

PROSPECTIVE CLIENTS

EMAIL UPDATE RECIPIENTS

EMPLOYEES

Name

x   

x

x

x

Email address

x

x

x

x

Telephone number

x

x

 

x

Business Postal Address

x

x

 

 

Bank Account details (where appropriate)

x

 

 

x

Details of specific employees including:

 

 

 

 

Name and Address

x

 

 

x

Date of birth

x

 

 

x

Salary/benefits

x

 

 

x

Sickness Record/Medical Details

x

 

 

x

Criminal Record

x

 

 

x

Disciplinary Record

x

 

 

x

Qualifications/Training records

x

 

 

x   

Our policy on collecting data from children

We do not collect personal data from children under the age of 16.

Why we need to collect Personal Data

Clients:

We need to know the above personal data in order to:

Prospective Clients:

We need to know the above personal data in order to enter into pre-contractual discussions and alert you to our products/services.

Email Update Recipients:

We need to know the above personal data in order to provide you with the Information Update either to fulfil a contractual obligation; or in the performance of a legitimate interest; or because we have your consent.

Employees

We need to know the above personal data in order to perform the contract of employment and manage the employment relationship.

How we use your personal data

Your personal data will only be used for the purposes for which you provided it to us, as indicated above. It will also be used to administer, support and obtain feedback on the level of our services, and to help prevent breaches of security, the law or our contract terms.

What we do with it

We take all reasonable steps to ensure that your personal data is processed securely.

All the personal data we hold about you will be processed by our staff in the United Kingdom. 

Other than with an entity within the group:

Security Measures

We have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only authorised employees, and authorised employees of our Third-Party service providers’ processing data on our behalf, have access to your personal data. All employees who have access to your personal data are required to adhere to the Company’s Privacy Notice and all third-party service providers are requested by the Company to ensure that any of their employees who have access to your personal data maintain confidentiality. In addition, contracts are in place with such third-party service providers acting as data processors for the Company that have access to your personal data, to ensure that the level of security required in your jurisdiction is in place, and that your personal data is processed only as instructed by the Company.

Data Breaches

We have reviewed our procedures for the detection, reporting and investigation of data breaches.

Retention of your personal data

We will retain your information only for as long as is necessary for the purposes set out in this statement. The Company will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, and enforce our agreements.

Your rights

Access

You can request details of all data we hold about you by submitting a subject access request to the Data Protection Officer, at the address provided below. We aim to comply with such a request from you within one month of the request being made. Where we cannot provide you with this information within one month; we shall inform you of this and provide the reasons why this cannot be achieved; at which point, we shall have a total of 3 months to comply with this request.

Rectify

In the event that your data is incorrect; you have the right to have this rectified by us. In the event that any of your data is incorrect, please contact the Data Protection Officer at the address provided below.

Objection

You have the right to object to our processing of your data. Please note, that where we need to process your data for reasons such as the defence of claims, we shall not be required to cease processing your data. In the event that you wish to object to us processing your data, please contact the Data Protection Officer (contact details below).

Erasure

You have the right to request that we delete your data provided that; we no longer require your data; or there is no legitimate legal basis for us to process your data; or we have unlawfully processed your data; or the data must be erased in order to comply with the law.

If you have grounds to request that we delete your data, and you wish to do so, please contact the Data Protection Officer (contact details below). We shall not charge a fee for your data to be deleted from our databases.

Complaints

You have a right to complain about the way we are holding or using your data and should you wish to do so, you should contact the Data Protection Officer (contact details below). If you remain unsatisfied with our response, you can refer the matter to the Information Commissioner’s Office. Information on how to do this can be obtained from www.ico.org.uk.

Changes to the terms of this Privacy Policy

We will occasionally make changes and corrections to this Privacy Policy. If we believe that the changes are material, we’ll let you know by doing one (or more) of the following:

(1) posting the changes on our website; or

(2) sending you an email or message about the changes.

How to contact the Company

The Data Protection officer can be contacted at:

Sentient, 49/51 Pegholme, Wharfebank Mills, Ilkley Road, Otley, LS21 3JP

TEL: 03456 446 006 | FAX: 03456 446 006 | Email: info@sentientuk.co.uk

If you have any questions about this Privacy Notice or our data collection practices, please contact us at the address, telephone number or email listed above detailing the nature of your question.