This privacy notice sets out how Informed Solutions uses and protects information.
Informed Solutions is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
Informed Solutions may change this notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 24/04/18.
How your information will be used
1. Informed Solutions is a leading independent provider of management and technology consultancy services.
2. Informed Solutions is the Data Controller for the personal data described in this notice.
3. As a responsible employer, supplier and prime contractor, Informed Solutions needs to store and process information about you. The information we store and process is for our management and administrative use only. We will keep and use it to enable us to run our business effectively, lawfully and appropriately:
- If you are a potential, current or former employee.
- If you are a potential, current or former client.
- If you are a potential, current or former supplier.
This includes using information that enables us to comply with contractual obligations, to comply with legal requirements, to pursue the legitimate interests of the Company and to protect our legal position in the event of legal proceedings. If we are not provided with this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.
4. As a company providing management and technology consultancy services, we may sometimes need to process your personal data to pursue our legitimate business interests, including: (1) for administrative purposes; (2) to service client and supplier contracts; (3) to prevent fraud; and, (4) to report potential crimes.
5. Much of the information we hold is provided by you, but some data may come from other related sources, such as an appointed manager or, in some cases, external sources, such as referees or organisations that you outsource certain business activities to.
6. The sort of personal data we hold about you includes:
If you are an employee – Application form and references; contract of employment and any amendments to it; correspondence with or about you (e.g. letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary); information needed for payroll, benefits and expenses purposes; contact and emergency contact details; records of holiday, sickness and other absence; and records relating to your career history, such as training records, appraisal records, other performance measures and, where appropriate, disciplinary and grievance records.
Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used to comply with our health and safety obligations (i.e. to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate). We will also need this data to administer and manage statutory and company sick pay and, where applicable, health insurance policies.
In addition, we monitor employee computer, network and telephone/mobile telephone use, as detailed in our Digital Information and Equipment Acceptable Use Policy, a copy of which is available in the Staff Handbook. We also keep records of your presence in the office and hours of work by way of our Online Registration Portal and time recording system.
- If you are a client – Correspondence with or about you (e.g. emails or documents referencing discussions held with you regarding the delivery of contracts you are involved in); and,
- If you are supplier – Correspondence with or about you (e.g. emails or documents referencing discussions held with you regarding the delivery of contracts you are involved in).
7. Employee, client and supplier personal data may, of course, inevitably be referred to in many company documents and records that are produced by you and your colleagues in the course of carrying out your duties and the business of the company. You should refer to the Data Protection Policy, a copy of which is available on request form the Data Protection Officer (see section 4).
8. Where it is necessary for us to process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency.
9. Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information about our employees to our external payroll provider, pension provider or health insurance schemes.
10. We may transfer information about you to other group companies for purposes connected with your employment or the management of the company’s business.
11. In limited and necessary circumstances, your information may be transferred outside of the EEA, or to an international organisation, to comply with our legal or contractual requirements.
12. We have in place safeguards, including an ISO 27001:2013 certified Information Security Management System, to ensure the security of your data. A copy of the safeguards is summarised in our Data Protection Policy, a copy of which is available on request form the Data Protection Officer (see section 4).
13. Informed Solutions does not employ automated decision making processes, including profiling, for decision making purposes.
14. Your personal data will be stored for a maximum period of 10 years.
15. If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information about that purpose and any other relevant information.
16. Under the EU General Data Protection Regulation (GDPR) you have a number of rights with regard to personal data. You have the right to: (1) request access to your personal data; (2) request that we rectify any errors in your personal data; (3) request erasure of your personal data; (4) request that we restrict processing of your personal data; (5) object to our processing your personal data; and, (6) request that we provide your personal data to you in a portable format.
17. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
18. You have the right to lodge a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
Identity and contact details of the Controller
19. Informed Solutions Ltd is the Data Controller and Processor of data for the Purposes of the EU General Data Protection Regulation and the Data Protection Bill.
Identity and contact details of the Data Protection Officer
20. If you have any questions or concerns about how your data is processed, please contact Informed Solutions Data Protection Officer:
Tom Weeks, Technical Director at firstname.lastname@example.org
21. Alternatively, you can write to the Data Protection Officer at:
FAO Data Protection Officer
Informed Solutions Ltd
The Old Bank
Old Market Place
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Google Analytics generates detailed statistics about visitors to a website for marketing purposes. Google Analytics can track users across search engines, email campaigns and display advertising giving advertisers the opportunity to optimise campaigns on multiple platforms.
Data Collected: Anonymous (ad serving domains, browser type, demographics, language settings, page views, time/date), Pseudonymous (IP address).
Data sharing: Google stores the information collected by these cookies on servers in the United States and may transfer anonymous data to third-parties.
AddThis button spreads content across the Web making it easy for visitors to bookmark and share with other people. It provides user bookmarking and sharing activity statistics.
Data Collected: Anonymous (browser type, page views, referring URL, traffic statistics, time/date), Psudeonymous (IP address, unique device ID).
Data Sharing: Aggregate data is shared with third parties.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.
Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.