Informed Solutions is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
Informed Solutions may change this policy from time to time by updating this page. This policy is effective from 11th November 2022.
How your information will be used
1. Informed Solutions is a leading independent provider of management and technology consultancy services.
2. Informed Solutions is the Data Controller for the personal data described in this notice.
3. As a responsible employer, supplier and prime contractor, Informed Solutions needs to store and process information about you. The information we store and process is for our management and administrative use only. We will keep and use it to enable us to run our business effectively, lawfully and appropriately:
- If you are a potential, current or former employee.
- If you are a potential, current or former client.
- If you are a potential, current or former supplier.
This includes using information that enables us to comply with contractual obligations, to comply with legal requirements, to pursue the legitimate interests of the Company and to protect our legal position in the event of legal proceedings. If we are not provided with this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.
4. As a company providing management and technology consultancy services, we may sometimes need to process your personal data to pursue our legitimate business interests, including to: (1) prevent fraud; (2) to report potential crimes; (3) for administrative purposes; and, (4) to service client and supplier contracts.
5. Much of the information we hold is provided by you, but some data may come from other related sources, such as an appointed manager or, in some cases, external sources, such as referees or organisations that you outsource certain business activities to.
6. The sort of personal data we hold about you includes:
If you are an employee – Application form and references; contract of employment and any amendments to it; correspondence with or about you (e.g. letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary); information needed for payroll, benefits and expenses purposes; contact and emergency contact details; records of holiday, sickness and other absence; and records relating to your career history, such as training records, appraisal records, other performance measures and, where appropriate, disciplinary and grievance records.
Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used to comply with our health and safety obligations (i.e. to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate). We will also need this data to administer and manage statutory and company sick pay and, where applicable, health insurance policies.
In addition, we monitor employee computer, network and telephone/mobile telephone use, as detailed in our Digital Information and Equipment Acceptable Use Policy, a copy of which is available in the Staff Handbook. We also keep records of your presence in the office and hours of work by way of our Online Registration Portal and time recording system.
If you are a client – Correspondence with or about you (e.g. emails or documents referencing discussions held with you regarding the delivery of contracts you are involved in); and,
If you are supplier – Correspondence with or about you (e.g. emails or documents referencing discussions held with you regarding the delivery of contracts you are involved in).
7. Employee, client and supplier personal data may, of course, inevitably be referred to in many company documents and records that are produced by you and your colleagues in the course of carrying out your duties and the business of the company. You should refer to the Data Protection Policy, a copy of which is available on request form the Data Protection Officer (see section 4).
8. Where it is necessary for us to process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency.
9. Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information about our employees to our external payroll provider, pension provider or health insurance schemes.
10. We may transfer information about you to other group companies for purposes connected with your employment or the management of the company’s business.
11. In limited and necessary circumstances, your information may be transferred outside of the EEA, or to an international organisation, to comply with our legal or contractual requirements.
12. We have in place safeguards, including an ISO 27001 certified Information Security Management System, to ensure the security of your data. A copy of the safeguards is summarised in our Data Protection Policy.
13. Informed Solutions does not employ automated decision-making processes, including profiling, for decision making purposes.
14. Your personal data will be stored for a maximum period of 10 years.
15. If in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information about that purpose and any other relevant information.
16. Under the UK General Data Protection Regulation (GDPR) you have several rights with regard to personal data. You have the right to: (1) request access to your personal data; (2) request that we rectify any errors in your personal data; (3) request erasure of your personal data; (4) request that we restrict processing of your personal data; (5) object to our processing your personal data; and, (6) request that we provide your personal data to you in a portable format.
17. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
18. You have the right to lodge a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regards to your personal data.
Identity and contact details of the Controller
19. Informed Solutions Ltd is the Data Controller and Processor of data for the Purposes of the UK General Data Protection Regulation.
Identity and contact details of the Data Protection Officer
20. If you have any questions or concerns about how your data is processed, please contact Informed Solutions Data Protection Officer:
Tom Weeks, Technical Director at firstname.lastname@example.org
21. Alternatively, you can write to the Data Protection Officer at:
FAO Data Protection Officer
Informed Solutions Ltd
The Old Bank
Old Market Place