Privacy Notice – Clients & Suppliers (prospective, current and former)
About this Notice
This notice and any other document referred to in it, sets out the basis on which we will process any personal data we collect about our clients and suppliers. It does not form part of any contract and may be amended or updated at any time.
We take our data protection duties seriously, because we respect the trust that is being placed in us to use personal information appropriately and responsibly.
Personal data means data (whether stored electronically or paper based) relating to a living individual who can be identified directly or indirectly from that data (or from other data and information in our possession).
Processing is any activity that involves use of personal data. It includes obtaining, recording or holding the data, organizing, amending, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.
Sensitive personal data includes personal data about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric, physical or mental health condition, sexual orientation or sexual life. It can also include data about criminal offences or convictions. Sensitive personal data can only be processed under strict conditions, including with the consent of the individual.
What information we collect and how your information will be used:
1. The Company needs to keep and process a limited amount of personal information in order to do business with you. The information we hold and process will be used for our management and administrative use only. Access to your information will be restricted only to those who have a reasonable need to access it. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, during, whilst and after any contract or business transaction ends. This includes using information to enable us to comply with the contract, to comply with any legal requirements, pursue the legitimate interests of the Company and protect our legal position in the event of legal proceedings. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision. We do not collect sensitive data about our clients or suppliers.
2. As a company pursuing contract cleaning activities for our clients, we may sometimes need to process your data to pursue our legitimate business interests, for example everyday business transactions, to prevent fraud, investigate disputes, administrative purposes or report potential crimes. The nature of our legitimate interests are to manage and retain your business information and general correspondence with clients, suppliers, and colleagues in order to administer our business requirements and protect our legal position in the event of legal proceedings. We also may use your details to contact you to offer you our services, or ask for your services, before we have a contract with you, during a contract and after an existing contract has expired. You can withdraw your permission for us to send you marketing information at any time. We will never process your data where these interests are overridden by your own interests.
4. The sort of information we hold includes name, job title, email address, contact number, payment information and business correspondence. If you enter into any contract with us you will, of course, inevitably be referred to in many company documents and records that are produced by us, you and your colleagues in the course of carrying out business transactions.
5. You can also refer to the Data Protection Policy which is available on our website http://swiftcleaning.co.uk/ or in paper format from Data Protection Compliance, Swift Office Cleaning Services Ltd, Swift House, Riverway, Harlow, Essex CM20 2DW.
6. In addition, we may keep recordings of answer phone messages that you leave on our telephone systems. We do this where necessary to fulfill our contractual obligations to our clients, to protect the legitimate interests of our business and to protect our legal position in the event of legal proceedings.
7. We operate a CCTV system at our head office for safety and security.
8. Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so, where we need to comply with our contractual duties to you, or with your consent. For example we may need to pass on certain information to subcontractors in order provide services such as window cleaning or the provision of janitorial and sanitary bin services etc.
9. In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
10. In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements. If we do we will ask your permission or take measures such as having contractual restrictions in place to ensure your data remains confidential and secure.
11. We do not use automated decision making (including profiling).
12. Personal data will be held for terms in accordance with schedule 1 below.
13. If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.
14. We protect your personal information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data, and information access authorisation controls. We use third party IT service providers to support our IT requirements and maintain our security, who may have access to data but are prohibited from processing, using or retaining it other than for the purpose of IT maintenance and support for the company.
15. Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to, and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
16. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
17. You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data.
Identity and contact details of controller and data protection contact
18.Swift Office Cleaning Services Ltd (company registration number 4595752) is the controller of data for the purposes of the DPA and GDPR unless otherwise agreed that it is the processor.
19.If you have any concerns as to how your data is processed you can contact:
Data Protection Compliance at firstname.lastname@example.org
or you can write to:
Data Protection Compliance
Swift Office Cleaning Services Ltd
Updating this notice