This privacy notice explains in detail the types of personal data JAS Engineering may collect about you when you interact with us and also explains how we store and handle that data and keep it safe.
Data Protection Law
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In certain situations, we may collect your data with your consent. For example, as an employee when you signed your terms of contract or as a customer you may have accepted we can contact you for marketing / email correspondence.
In certain situations, we may need your personal data to comply with our contractual obligations. For example, as a customer we’ll collect your address and contact details and pass them to our external courier to fulfil delivery requirements.
If the law requires us to, we may collect and process your data and pass on details of people involved in fraud or other criminal activity to law enforcement.
In certain situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we may use your email address to send you direct marketing telling you about products we think might interest you.
What information is being collected
As your employer, JAS Engineering needs to keep and process information about you for normal employment purposes. The type of data we would collect may involve:
- your application form and references
- your contract of employment and any amendments to it
- correspondence with or about you for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary
- Information needed for payroll, benefits and expenses purposes
- Address, Contact, age and emergency contact details
- records of holiday, sickness and other absence
- information needed for equal opportunities monitoring policy
- records relating to your career history, such as training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.
- Computer, telephone, email and mobile telephone use, as detailed in our social media and mobile telephone policy, available in the company handbook.
As a company pursuing to sell trolleys, we may sometimes need to process customer data to pursue our legitimate business interests. The type of data we would collect may involve:
- Business name, address, key contact information including individuals name, telephone numbers, email address and company bank / credit card details.
Much of the information we hold will have been provided by you, but some may come from other internal sources, such as your manager, or in some cases, external sources, such as referees.
How your information will be used
The information we hold and process will be used for our management and administrative use only. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately.
For example, as an employee this will happen during the recruitment process and when you are working for us, at the time when your employment ends as well as after you have left.
This includes using information to enable us to comply with the employment contract, to comply with any legal requirements, pursue the legitimate interests of the Company and protect our legal position in the event of legal proceedings. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.
If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that reason and any other relevant information.
Who will the information be shared with
Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you.
For instance, for employees we may need to pass on certain information to our external payroll provider, pension, life insurance or health insurance schemes and respond to payroll enquires from statutory bodies.
For customers we may need to pass on delivery and contact information to our third-part courier to fulfil our delivery requirements.
For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
We may also transfer information about you to other group companies for purposes connected with your employment or the management of the company’s business.
How will the information be stored and for how long.
We know how much data security matters. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. Whenever we collect or process your personal data it will be securely stored and we will only keep it for as long as is necessary and for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised so that it can be used in a non-identifiable way for statistical analysis and business planning.
Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data.
You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability. Please note that we as data processors may have a legitimate reason to refuse these requests.
If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn. For example, you have the right to stop the use of your personal data for direct marketing activity which you can do by clicking the ‘unsubscribe’ link in any email communication that we send you. We must always comply with your request however please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
Identity and contact details of controller and data protection officer
JAS Engineering is the controller and processor of data for the purposes GDPR.
If you have any concerns as to how your data is processed you can contact:
Peter Harrop (Data Protection Offer) on email (firstname.lastname@example.org) or alternatively you can write to the following address: Units 10/11 Riverside Estate, Egmont Street, Mossley, Ashton-Under- Lyne, OL5 9PY.
This notice was last updated on 08/05/2018