In line with the General Data Protection Regulations (GDPR), the following documents how we use the personal information we hold and how this is protected.
It is important that you read this privacy notice so that you are fully aware of how and why we are using your data.
This Policy explains the following:
- How is personal information defined?
- How is personal information collected?
- Types of personal information collected
- How we use your personal information
- Your legal rights
- Data Retention
- Security of your personal information
- How to make complaints and how to contact us
Should any changes be made to the way in which we collect data or how it is being used then the policy will be updated.
G Squared surveying promises to collect only the information that is required; to keep this data safe and private; not to sell any data collected; and to allow those, from who the data is collected, to have the right to manage and review this data.
How is Personal Information Defined?
Personal information is any information that tells us something about yourself. This may include information such as name, contact details, date of birth, bank account details or any information about your needs or circumstances which would allow us to identify you.
How Is Personal Information Collected?
Data may be collected as follows:
- Where required details obtained from public sources where details have been provided by yourself.
- Information provided by yourself as an employee of G Squared Surveying through company documentation forms.
- Data provided in C.V.’s and covering letters from any applicants for roles within G Squared surveying that are advertised or provided speculatively
Types of Personal Information Collected
Data may include, but is not limited to:
- Business contact details including mobile/landline numbers, email address and business address
- Additional information around the nature of your role, this may include qualifications and experience that is provided by yourself
- Role title, position and responsibility details
- Hobbies and interests
- Open data / public records which includes data that you have made freely available in a public domain such as via social media or publications and news articles
- Permissions – so we can record how you would like to receive information from us, or if you would prefer not to
- Any additional information that you provide.
How We Use Your Personal Information
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
- Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third direct marketing communications to you via email
Purposes for which we will use your personal data
The lawful basis for our processing of your personal date is set out below, including the basis of legitimate interest:
- Identity and Contract Data will be used on the following basis:
- to register you as a client which enables us to deliver the services we are engaged to provide to you
- to administer and protect our business which is necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) and in order to comply with our legal obligations
- to supplement the Marketing and Communications Data we hold about you
- Financial and Transaction Data will be used on the following basis:
- to manage payments, fees and charges which enable us to deliver the services we are engaged to provide to you
- to collect and recover money owed to us, which is which is necessary for our legitimate interests (to recover debts due to us)
- Technical and Usage Data will be used on the following basis:
- to use data analytics to improve our website, products/services, marketing, customer relationships and experiences, which is necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
- Marketing and Communications Data will be used on the following basis:
- to make suggestions and recommendations to you about services that may be of interest to you which is necessary for our legitimate interests (to develop our products/services and grow our business)
Your Legal Rights
Where applicable you may have the following rights over your personal information:
Request a copy of the information we hold
You can access the personal information we hold about you, you can do so by contacting us at email@example.com. There is no charge for us providing this information to you.
Ask us to not use your information
If for any reason you do not want us to hold or use your information please contact us. We may need to keep some of your information for legal and business reasons, for example to comply with a regulatory requirement.
Have your information corrected
If you think the personal information we hold is wrong please contact us and correct it if necessary. We are committed to holding personal information that is accurate and current.
The period for which we will keep your personal information will depend on the type of service you have requested from us. The retention period may be longer than the period for which we are providing services to you where we have statutory or regulatory obligations to retain personal information for a longer period, or where we may need to retain the information in case of a legal claim.
Security of your personal information
Security of your personal data is vitally important and we strive to maintain security in many ways:
- Testing and reviewing our systems, networks and locations that process data
- Maintaining security policies and procedures which are tested and reviewed periodically
- Ensuring employees are given the tools and training to handle data responsibly
- Controlling access to data across various levels including system and application access, physical access and 3rd party access, robust password management procedures and access only granted on a ‘need to know’ basis
- Ensuring data is periodically cleansed, archived or deleted in line with policy
- Ensuring data is encrypted both in transit and at rest
- Information assets are logged and equipped with up to date antivirus software
- Data is regularly backed up and stored in a secure environment
- Data breaches and security incidents are reported in line with policy and are followed up with analysis, risk assessments and corrective action where necessary
In line with our security obligations we would also ask that you notify us of any changes to your data so we can keep our records as accurate as possible.
How to make complaints and how to contact us
If you need to make a complaint about our handling of your personal information, please contact us directly at firstname.lastname@example.org. If the complaint isn’t resolved or further information s required, this can be found at the Information Commissioners Office website https://ico.org.uk/.