Personal data is any information which can be used to identify you as an individual. It may include details such as your name, address, bank details, National Insurance number, biometrics and photographs/film (this list is not exhaustive).
Data must be processed in accordance with one of the grounds for processing which are laid down in data protection law. Our lawful basis for processing your data is to assist with the fulfilment of your contract for services.
Certain data is classified as ‘sensitive personal data’. This will include data about;
As your contracting intermediary we need to hold your personal data to enable us to assist with the fulfilment of your contract for services.
In holding your personal data, we will comply with the eight data protection principles which require that your data must be;
(a) Processed fairly andlawfully.
(b) Processed for limited purposes and in an appropriate way.
(c) Adequate, relevant and not excessive for the purpose.
(d) Accurate.
(e) Not kept longer than necessary for the purpose.
(f) Processed in line with individuals' rights.
(g) Secure.
(h) Not transferred to people or organisations situated in countries without adequate protection.
You have the right to:
a) Request access to any personal data we hold about you.
b) Prevent the processing of your data for direct-marketing purposes.
c) Ask to have inaccurate data held about you amended.
d) Prevent processing that is likely to cause unwarranted substantial damage or distress to you or anyone else.
e) Object to any decision that significantly affects you being taken solely by a computer or other automated process.
Where we need to share your personal data, we have contracts and data sharing agreements in place withthe recipients that require them to treat your information as confidential and ensure the continued protection of your datawhilst in their possession.
We will process your personal data with the following recipients:
a) Your Agency;
b) Your Client (named on your Contract for Services);
c) Governing bodies and authorities as required by law;
d) Individuals and organisations who hold information related to reference contacts you have provided;
e) Our software providers;
f) Third party suppliers, e.g. business associates and professional advisers, such as external consultants, technical andIT support functions, independent auditors;
g) Third party company at your request, e.g. landlord or alternative prospective employer;
h) Third party, where necessary to protect your vital interests, e.g. emergency services;
i) Pension provider;
j) We may transfer your personal information to a third party as part of a sale of some or all of our business and assetsto any third party or a part of any business restructuring or reorganisation. However, we will take steps with the aimof ensuring that your privacy rights continue to be protected.
If there are no grounds in data protection law for us to pass your personal and sensitive data on to a third party, we must obtain your consent before passing on yourdetails.
We may transfer the information you provide to us to countries outside the European Economic Area (‘EEA’). TheEEA comprises the EU member states plus Norway, Iceland and Liechtenstein.
The most common reason for this is that some of our customer services and processing teams are based in Manila, Philippines. Your data can only be accessed by our overseas teams through our secure,UK based database applications.
Whenever your data is shared, inside or outside of the EEA, we will take every step possible to ensure adequate protectionsare in place to ensure the security of your information.