Privacy Policy Statement
Stainsby Contracts Ltd., is required to process relevant personal data regarding members of staff, suppliers and customers as part of its operations and shall take all reasonable steps to do so in accordance with this Policy.
Stainsby Contracts Ltd., shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection Act to ensure all data is:-
Fairly, securely and lawfully processed
Adequate, relevant and not excessive
Accurate and up to date
Not kept for longer than necessary
Processed in accordance with the data subject’s rights
Personal Data
Personal data covers both facts and opinions about an individual where that data identifies an individual. For example, it includes information necessary for employment such as the member of staff’s name and address and details for payment of salary or attendance record and training records. Personal data may also include sensitive personal data as defined in the Act.
Processing of Personal Data
Consent may be required for the processing of personal data unless processing is necessary for the performance of a contract. Any information which falls under the definition of personal data and is not otherwise exempt, will remain confidential and will only be disclosed to third parties with appropriate consent.
Stainsby Contracts Ltd., will endeavor to ensure that all personal data held in relation to all data subjects is accurate and updated accordingly. Data subjects must notify the data processor of any changes to information held about them. Data subjects have the right in some circumstances to request that inaccurate information about them is erased.
Sensitive Personal Data
Stainsby Contracts Ltd., from time to time, may be required to process sensitive personal data. Sensitive personal data includes data relating to medical information, gender, religion, race, sexual orientation, trade union membership and criminal records and proceedings.
Rights of Access to Information
Data subjects have the right of access to information held by the Company. Any data subject wishing to access their personal data should put their request in writing to the Administration Department.
Marketing Information
Stainsby Contracts Ltd., processes some personal data for direct marketing purposes, data subjects have the right to request an opt-out to these activities, which must be respected.
Data Security
Stainsby Contracts Ltd., will take appropriate technical and organisational steps to ensure the security of personal data.
All staff will be made aware of this policy and their duties under the Act.
The company and all employees are required to respect the personal data and privacy of others and must ensure that appropriate protection and security measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to all personal data.
An appropriate level of data security must be deployed for the type of data and the data processing being performed. In most cases, personal data must be stored in appropriate systems and be encrypted when transported offsite.
External Processors
Stainsby Contracts Ltd., must ensure that data processed by external processors, for example, service providers, are compliant with this policy and the relevant legislation.
Secure Destruction
When data held in accordance with this policy is destroyed, it must be destroyed securely in accordance with best practice at the time of destruction.
Retention of Data
Stainsby Contracts Ltd., may retain data for differing periods of time for different purposes as required by law or best practices, individual departments incorporate these retention times into the processes and manuals. Other statutory obligations, legal processes and enquiries may also necessitate the retention of certain data.