In Compliance with Data Protection Act 1998 and the General Data Protection Regulation (GDPR)
Last updated: 29th September 2021
Pennys Group is committed to ensuring that your privacy is protected. We will comply with the principles of the Data Protection Act 1998 (guide) and the General Data Protection Regulation (GDPR) and aim to maintain best-practice standards in our processing of personal and/or sensitive personal / company sensitive data.
Should we ask you to provide certain information by which you can be identified it will only be used in accordance with this privacy statement. Where changes to this policy are required, updated issues will be emailed out and be made available to all appropriate personnel / interested parties.
This policy applies to all persons working for us or on our behalf in any capacity, including employees at all levels, directors, officers, agency workers, seconded workers, volunteers, agents, contractors and suppliers.
We may collect the following information:
- Name and job title
- Contact information, including email address and / or phone number
- Demographic information such as postcode
- National Insurance Number
- Bank / Financial Details
- Date of birth
- Emergency Contact Name and Number
- Copy of passport / drivers license
What we may do with the information:
- Communicate with Subcontract companies
- Respond to clients during projects / contracts
- Payment of invoices / Salaries
- Completion of security forms in order to obtain access to Government locations if required
- Health and safety documentation
- Training documentation
Who we collect information from:
- Full Time / Part Time or Temporary Workers / Employees
- Subcontractors (Individuals or Subcontract Companies)
- Sponsored Individuals (for Railway Working)
- Suppliers – company information only
We are committed to ensuring that your information on hard copies and / or electronically is secure.
Electronic information stored on the company server is password protected. Passwords can be changed at periodic / regular intervals. The company server has a firewall protection. Each computer system has virus protection that scans when the system initially starts and continually throughout the time it is running – for each document that is opened.
Paper documents are filed securely and only available to specific people.
Any personal information you send to us via email/post is done so at your own risk.
Sharing of data
Personal data may be shared with a third party where we have to check, then forward application forms for any required security clearances. Personal data will not be shared unless prior agreement is made with those concerned.
Data Consent Form (DCF)
Where individuals or organisations are requested to provide information to Pennys Group, a Data Consent Form (DCF) will also need to be completed by the individual(s) concerned. This will provide the company with the authority to use the data as specifically required.
How to withdraw your consent
You can withdraw the consent you are giving on the DCF at any time. You can do this by either writing to us, or emailing us at the addresses below:
Pennys Group Ltd
Email Address: email@example.com
Access to information
The Data Protection Act gives you the right to obtain/view the personal data held by Pennys Group at any time.
Should you wish to obtain a copy then please email the Data Protection Officer (DPO) at firstname.lastname@example.org.
Or write to us at:
Pennys Group Ltd