Privacy Policy

Data Privacy Policy Statement

In Compliance with Data Protection Act 1998 and the General Data Protection Regulation (GDPR)

Last updated: 29th September 2021

This data privacy policy sets out how Pennys Group Ltd uses and protects any information that Employees, Subcontractors, Customers and/or Suppliers gives to the company via email / post / in person.

Pennys Group is committed to ensuring that your privacy is protected. We will comply with the principles of the Data Protection Act 1998 (guide) and the General Data Protection Regulation (GDPR) and aim to maintain best-practice standards in our processing of personal and/or sensitive personal / company sensitive data.

Should we ask you to provide certain information by which you can be identified it will only be used in accordance with this privacy statement. Where changes to this policy are required, updated issues will be emailed out and be made available to all appropriate personnel / interested parties.

This policy applies to all persons working for us or on our behalf in any capacity, including employees at all levels, directors, officers, agency workers, seconded workers, volunteers, agents, contractors and suppliers.

We may collect the following information:

  • Name and job title
  • Contact information, including email address and / or phone number
  • Demographic information such as postcode
  • National Insurance Number
  • Bank / Financial Details
  • Date of birth
  • Emergency Contact Name and Number
  • Copy of passport / drivers license

What we may do with the information:

  • Communicate with Subcontract companies
  • Respond to clients during projects / contracts
  • Payment of invoices / Salaries
  • Completion of security forms in order to obtain access to Government locations if required
  • Health and safety documentation
  • Training documentation

Who we collect information from:

  • Full Time / Part Time or Temporary Workers / Employees
  • Subcontractors (Individuals or Subcontract Companies)
  • Sponsored Individuals (for Railway Working)
  • Suppliers – company information only


We are committed to ensuring that your information on hard copies and / or electronically is secure.

Electronic information stored on the company server is password protected. Passwords can be changed at periodic / regular intervals. The company server has a firewall protection. Each computer system has virus protection that scans when the system initially starts and continually throughout the time it is running – for each document that is opened.

Paper documents are filed securely and only available to specific people.

Any personal information you send to us via email/post is done so at your own risk.

Sharing of data

Personal data may be shared with a third party where we have to check, then forward application forms for any required security clearances. Personal data will not be shared unless prior agreement is made with those concerned.

Data Consent Form (DCF)

Where individuals or organisations are requested to provide information to Pennys Group, a Data Consent Form (DCF) will also need to be completed by the individual(s) concerned. This will provide the company with the authority to use the data as specifically required.


When our website uses ‘cookies’, a small file of letters and numbers that are stored on your computer by the websites you visit, the website or browser will notify you. We use cookies to improve your user experience by enabling websites to ‘remember’ you and your form details, if any were input, for the duration of your visit, using a ‘session cookie’, these cookies are usually cleared from your storage after the browser has been closed, unless you tell your browser otherwise. We also use cookies to track usage, analyse trends and gather information on how customers use our website, which allows us to improve our website.

Cookies are not linked to other personally identifiable information. For detailed information about our cookies policy, including which cookies we use or are required to use, please visit our Cookie Policy at

How to withdraw your consent

You can withdraw the consent you are giving on the DCF at any time. You can do this by either writing to us, or emailing us at the addresses below:

Pennys Group Ltd
Green Street
Ston Easton
Nr Bath

Email Address:

Access to information

The Data Protection Act gives you the right to obtain/view the personal data held by Pennys Group at any time.

Should you wish to obtain a copy then please email the Data Protection Officer (DPO) at

Or write to us at:

Pennys Group Ltd
Green Street
Ston Easton
Nr Bath