Privacy Policy

The Company recognises that it must at all times, keep and process sensitive and personal information about its employees, sub-contractors, clients and customers and has adopted this policy, not only to meet its legal obligations but to ensure high standards.

We all have a right in regard to the way in which our personal data is handled. During the course of our business activities, we will collect, store and process personal data about our employees and we recognise that the correct and lawful treatment of this data will maintain confidence in the Company and will provide for successful business operations.

All data users are obliged to comply with this policy when processing personal data on our behalf. Any breach of this policy may result in disciplinary action.

Information takes many forms and includes hard copy data printed or written on paper, data stored electronically, communications sent by post/courier or using electronic means, stored tape or video and speech.

Data Protection Principles

The Company and its employees will comply with the eight enforceable principles of good practice for processing sensitive data. These require that personal data must be:

  • Fairly and lawfully processed
  • Processed for limited purposes and in an appropriate way
  • Adequate, relevant and not excessive for the purpose
  • Accurate and up to date
  • Not kept longer than necessary
  • Processed in accordance with the data subject’s rights
  • Appropriate technical and organisational measures taken against unauthorised or unlawful processing and against accidental loss, destruction or damage
  • Not transferred to people or organisations situated in countries without adequate protection for the individual

Fair and lawful processing

The Company will ensure that at least one of the following conditions is met for personal information to be considered fairly processed:

  • The individual has consented to the processing
  • Processing is necessary for the performance of the contract with the individual
  • Processing is considered a legal obligation
  • Processing is necessary to pursue the legitimate interests of the data

Processed for limited purposes and in an appropriate way

We will not keep personal data longer than it is necessary for the purpose or purposes for which it was collected.

Adequate, relevant and non-excessive processing

We will only collect personal data to the extent that it is required for the specific purpose notified to the data subject.

Accurate and up to date/Not kept longer than necessary

We will ensure that personal data that we hold is accurate and kept up-to-date. We will check the accuracy of any personal data at point of collection and at regular intervals afterwards. We will take all reasonable steps to destroy or erase from our systems and files both electronic and hard-copy, all data which is no longer required.

Processing in line with data subject’s rights

We will process all personal data in line with data subjects’ rights, in particular their right to:

  1. Request access to any data held about them
  2. Asking to have inaccurate data amended
  3. Prevent processing that is likely to cause damage or distress to themselves or anyone else

Data Security

We will take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data.

We will put in place procedures and technology to maintain the security of all personal data from the point of collection to the point of destruction. Personal data will only be transferred to a data processor if they agree to comply with those procedures and policies, or if he puts in place adequate measures himself. This would include maintaining confidentiality, integrity of the information to ensure its accuracy and suitability, and availability of the information for use by authorised users.

Updated - May 2018