Robinsons Relocation understands that we need to keep certain information about our clients, employees and partners to allow us to monitor, for example Health & Safety or to meet legal obligations to government bodies.
To comply with the law this information must be collected and used fairly, stored safety and not disclosed to any other person unlawfully. To do this, Robinsons Relocation must comply with the Data Protection Principles which are set out in the Data Protection Act 1998.
In summary these state that personal data shall:
- be obtained and processed fairly and lawfully and shall not be processed unless certain conditions are met;
- only be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose;
- be adequate, relevant and not excessive for those purposes;
- be accurate and kept up to date;
- not be kept for longer than is necessary for that purpose;
- be processed in accordance with the data subject’s rights;
- be kept safe from unauthorised access, accidental loss or destruction;
- not be transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data.
Through its management team and processes all Robinsons Relocation employees are responsible for ensuring that:
- any personal data which they hold is kept securely.
- personal information is not disclosed either orally or in writing or accidentally or otherwise to any unauthorised third party.
Employees are made aware that unauthorised disclosure will usually be a disciplinary matter, and may be considered gross misconduct in some cases.
Personal information should be:
- kept in a locked filing cabinet; or
- in a locked drawer; or
- if it is computerised , be password protected; or
- kept only on disk which is itself kept securely.
Notification of Data Held and Processed
All clients, employees, and partners are entitled to:
- know what information Robinsons Relocation holds and processes about them and why;
- know how to gain access to it;
- know how to keep it up to date;
- know what Robinsons is doing to comply with its obligations under the 1998 Act.
Robinsons Relocation will therefore upon request, provide all clients, employees and partners with a standard form of notification. This will state all the types of data Robinsons Relocation holds and processes about them, and the reasons for which it is processed.
Rights to Access Information
Employees, Clients and Partners of Robinsons Relocation have the right to access any personal data that is being kept about them either on computer or in certain files. Any individual who wishes to exercise this right should request this in writing to email@example.com
Publication of Information
Information that is already in the public domain is exempt from the 1998 Act.
It is Robinsons Relocation policy to make as much information public as possible, and in particular the following information will be available to the public for inspection:
- Names of, and a means of contacting, Robinsons Relocation Directors
- Photographs of key employees
- Credentials and Experience of Key Personnel
Robinsons Relocation internal phone list will not be a public document.
The Data Controller and the Designated Data Controllers
Robinsons Relocation as a body corporate is the data controller under the Act, and the Corporation is therefore ultimately responsible for implementation. However, designated data controllers will deal with day to day matters such as:
- to ensure that all data is processed fairly;
- to ensure that the data is accurate, and that processes exist to check and amend data as necessary;
- to ensure that consent is obtained either generally or expressly;
- to ensure that policies and procedures are in place to enable access by those whom the data concerns;
- to ensure that data is kept securely and disposed of properly;
- to make sure the notification requirements are satisfied;
- to make determinations regarding processing of data without consent, in cases of necessity or public interest.
We will communicate this policy and relevant guidance to employees across the company, through our established internal communication channels. We will also communicate this policy to our suppliers, contractors and business partners and wider stakeholders. We are committed to provide relevant training on how to implement this policy.
If you would like to obtain full copy of our Privacy & Data Protection policy, please contact firstname.lastname@example.org