Privacy Notice (Reviewed May 2018)
Able Services PDM Limited takes privacy very seriously. We ask that you read this Privacy Notice carefully as it contains important information about what to expect when we collect personal information and how we will use personal data.
Postal Address: Unit 32, Joseph Wilson Industrial Estate, Whitstable, Kent CT5 3PS
The kind of information we may collect and hold about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Clients and Suppliers
When you do business with us and/or register for our services we may collect the following information from you:
Name, business address, contact telephone numbers and business email address
We may collect this information from either you as the data subject or from your employer.
Employees and Applicants
When you apply to work or are contracted to work for us we may collect the following information from you:
Name, address, contact telephone number, emergency contact numbers, bank details, NI and Tax numbers, medical information, birth certificate, passport, work visa, details of previous employment, training records, driving licence
We will collect your personal information from you as the data subject
How we will use the information about you
We will only use your personal information when the law allows us to.
Situations in which we will use your personal information
We need some of the categories of information in the lists above. Primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We do not undertake any automated decision-making.
We may have to share your data with third party service providers. We require third parties to respect the security of your data and to treat it in accordance with the law.
Why might you share my personal information with third parties?
We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
Which third-party service providers process my personal information?
“Third parties” includes third-party service providers (including contractors and designated agents). The following third-party service providers process personal information about you for the following purposes: IT services, auditors/assessors, consultants and service providers who provide services to us in order that we may provide such services and or employment to you.
How secure is my personal information with third-party service providers?
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
What about other third parties?
We may share your personal information to otherwise comply with the law.
We have put in place measures to protect the security of your personal information. Details of these measures are available upon request.
Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long will you use my personal information for?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once your transaction has concluded we will retain and securely destroy your personal information in accordance with applicable laws and regulations.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Your rights in connection with personal information
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you. If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( www.ico.org.uk ). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing: Email – email@example.com Postal – Unit 32, Joseph Wilson Industrial Estate, Whitstable, Kent CT5 3PS
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us in writing. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Data Protection Officer
We are not required to have a dedicated Data Protection Officer, however should you have any questions about this Privacy Notice or how we handle your personal information, please contact: Email – firstname.lastname@example.org Postal – Unit 32, Joseph Wilson Industrial Estate, Whitstable, Kent CT5 3PS
We may also wish to provide you with information about special features of our website or any other service we think may be of interest to you. If you would rather not receive this information, please send an email message to email@example.com
If you agree to us providing you with marketing information, you can always opt out at a later date.
How we protect your information
We have put in place security procedures and technical and organisational measures to safeguard your personal information.
We do not store or process any personal information on our website.
Changes to Privacy Notice
We reserve the right to update this Privacy Notice at any time. If we make any changes we will post the changes on our website so that you may be aware of the information we collect and how we use it at all times.
We may also notify you in other ways from time to time about the processing of your personal information.
How to contact Able Services PDM Limited
We welcome your views about our website and our Privacy Notice. If you would like to contact us with any queries or comments please contact us:
Email – firstname.lastname@example.org
Postal – Unit 32, Joseph Wilson Industrial Estate, Whitstable, Kent CT5 3PS
What to do if you are unhappy with how we handle your personal data
If you are unhappy with how we handle your personal data we would like you to tell us first either via
Email – email@example.com Postal – Unit 32, Joseph Wilson Industrial Estate, Whitstable, Kent CT5 3PS
However, you are entitled to raise matters direct with the Information Commissioner’s Office if preferred. Contact details for the ICO can be found at https://ico.org.uk/global/contact-us.