Privacy Statement & Fair Processing Notice

Statement

We are committed to:

The appropriate use and protection of personal data in all our business dealings;
Maintaining high levels of confidentiality

We recognise our obligations under the Data Protection Act 2018 and the provisions of Regulations (EU) 2016/679 (the General Data Protection Regulations “GDPR”).

We confirm that:

The Data ‘Controller’ is Sentient Group Limited; and
The Data Protection Officer is Fiona McQuillan; and
Sentient Group Limited are registered with the Information Commissioner’s Officer.

Principles

We shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection legislation to ensure all data is:-

Processed fairly, lawfully and transparently;
Collected and processed only for specified, explicit and legitimate purposes;
Adequate, relevant and limited to what is necessary for the purposes for which it is processed;
Accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
Not kept for longer than is necessary for the purposes for which it is processed; and
Processed securely.

Processing of Personal Data (including special categories of data)

Processing of such Personal Data will only be carried out if it is necessary:

To enable us to perform our contractual obligations;
To comply with a legal obligation;
To protect vital interest of the Data Subject or other natural person;
For the performance of a task carried out in the public interest in the exercise of social authority;
For performance of a legitimate interest; or
With the consent of the Data Subject.
Information we hold

In the course of providing our services to you we may receive from you and hold Personal Data and/or special categories of data about you, your ocers and/or employees and in some cases, your clients/customers/service users, suppliers or other business associates. We will only collect personal data and special categories of data that is required.

	CLIENTS	PROSPECTIVE CLIENTS	EMAIL UPDATE RECIPIENTS	EMPLOYEES
Name	x	x	x	x
Email address	x	x	x	x
Telephone number	x	x		x
Business Postal Address	x	x
Bank Account details (where appropriate)	x			x
Details of specific employees including:
Name and Address	x			x
Date of birth	x			x
Salary/benefits	x			x
Sickness Record/Medical Details	x			x
Criminal Record	x			x
Disciplinary Record	x			x
Qualifications/Training records	x			x

Our policy on collecting data from children

We do not collect personal data from children under the age of 16.

Why we need to collect Personal Data

Clients:

We need to know the above personal data in order to:

Perform the contract by:
Keeping in contact with you;
Providing HR/legal/health and safety/food safety advice and documentation
Processing orders;
Managing your account.
Prospective Clients:

We need to know the above personal data in order to enter into pre-contractual discussions and alert you to our products/services.

Email Update Recipients:

We need to know the above personal data in order to provide you with the Information Update either to fulfil a contractual obligation; or in the performance of a legitimate interest; or because we have your consent.

Employees

We need to know the above personal data in order to perform the contract of employment and manage the employment relationship.

How we use your personal data

Your personal data will only be used for the purposes for which you provided it to us, as indicated above. It will also be used to administer, support and obtain feedback on the level of our services, and to help prevent breaches of security, the law or our contract terms.

What we do with it

We take all reasonable steps to ensure that your personal data is processed securely.

All the personal data we hold about you will be processed by our sta in the United Kingdom.

Other than with an entity within the group:

We will never share your personal data with any Third-Party business organisation that intends to use it for their own purposes, other than as required by law;
In order to fulfil the contract, we may share your personal data with Third-Parties such as those who assist us in providing the products and services and who perform technical operations, but only in the strictly limited circumstances such as:
Sentient authorised and approved HR / Health and Safety Associates;
Barristers or external legal advisors in the provision of providing legal advice/representation;
Trainers (in delivering specialist training courses);
On-line Training Technical support
“Third-Party Data Processors” (service providers such as digital agencies, hosting providers, data storage providers and other technical partners) who help us administer the website, or process the data submitted to it, may have access to your data.

Security Measures

We have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only authorised employees, and authorised employees of our Third-Party service providers’ processing data on our behalf, have access to your personal data. All employees who have access to your personal data are required to adhere to the Company’s Privacy Notice and all third-party service providers are requested by the Company to ensure that any of their employees who have access to your personal data maintain confidentiality. In addition, contracts are in place with such third-party service providers acting as data processors for the Company that have access to your personal data, to ensure that the level of security required in your jurisdiction is in place, and that your personal data is processed only as instructed by the Company.

Data Breaches

We have reviewed our procedures for the detection, reporting and investigation of data breaches.

Retention of your personal data

We will retain your information only for as long as is necessary for the purposes set out in this statement. The Company will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/ revenue laws), resolve disputes, and enforce our agreements.

Your rights

Access

You can request details of all data we hold about you by submitting a subject access request to the Data Protection Ocer, at the address provided below. We aim to comply with such a request from you within one month of the request being made. Where we cannot provide you with this information within one month; we shall inform you of this and provide the reasons why this cannot be achieved; at which point, we shall have a total of 3 months to comply with this request.

Rectify

In the event that your data is incorrect; you have the right to have this rectified by us. In the event that any of your data is incorrect, please contact the Data Protection Ocer at the address provided below.

Objection

You have the right to object to our processing of your data. Please note, that where we need to process your data for reasons such as the defence of claims, we shall not be required to cease processing your data. In the event that you wish to object to us processing your data, please contact the Data Protection Ocer (contact details below).

Erasure

You have the right to request that we delete your data provided that; we no longer require your data; or there is no legitimate legal basis for us to process your data; or we have unlawfully processed your data; or the data must be erased in order to comply with the law.

If you have grounds to request that we delete your data, and you wish to do so, please contact the Data Protection Officer (contact details below). We shall not charge a fee for your data to be deleted from our databases.

Complaints

You have a right to complain about the way we are holding or using your data and should you wish to do so, you should contact the Data Protection Ocer (contact details below). If you remain unsatisfied with our response, you can refer the matter to the Information Commissioner’s Office. Information on how to do this can be obtained from www.ico.org.uk.

Changes to the terms of this Privacy Policy

We will occasionally make changes and corrections to this Privacy Policy. If we believe that the changes are material, we’ll let you know by doing one (or more) of the following:

(1) posting the changes on our website; or
(2) sending you an email or message about the changes.

How to contact the Company

The Data Protection officer can be contacted at:

Sentient, 1 Airport West, Lancaster Way, Leeds, LS19 7ZA

TEL: 03456 446 006 | FAX: 03456 446 006 | Email: info@sentientuk.co.uk

If you have any questions about this Privacy Notice or our data collection practices, please contact us at the address, telephone number or email listed above detailing the nature of your question.

03456 446 006