This policy is effective from 21 May 2018.
General Data Protection Regulation (GDPR)
On 25 May 2018, the EU introduced a new regulation – the General Data Protection Regulation (GDPR). The GDPR gives individuals greater control over their personal information and how it is used.
GDPR sets out the following right for individuals:
The right to access the personal information a company holds on them
The right to have their personal information sent directly to them or another organisation
The right to have errors corrected
The right to have information erased.
The company is committed to ensuring that individuals’ privacy is protected. If personal information is requested at any time, the company guarantees that it will only be used in accordance with this privacy statement.
Clydesdale Construction Co. Ltd. may update this policy from time to time and any changes will be notified to all relevant individuals.
Personal data which the company collects
The company collects and retains information on its employees, sub-contractors, suppliers and clients in accordance with normal business operations. This information is never shared with other parties, unless express permission is received from the relevant person/company.
Why this information is needed?
The company strives to keep details up to date and to ensure it satisfies legal and statutory obligations which it must meet as an employer/contractor.
The company is committed to ensuring that all personal information is secure. In order to prevent unauthorised access or disclosure, it has put in place physical, electronic and managerial procedures to safeguard and secure the information it holds.
These measures include:
Handling all information confidentially and with discretion.
Storing all personal information in a locked cabinet.
Clean desk policy – personal information is not left on the office desk. It is placed in locked cabinet when not being used.
Retaining all information for the relevant statutory period.
Updating details as and when required.
Non-disclosure of any personal data to any third party, without prior consent from the individual concerned.
Password protection on all electronic files.
Operation of Thesaurus Connect for employees.
Controlling personal information
The company will not sell, distribute or lease any personal information it holds, to third parties unless it has received permission or are required by law to do so. It may use personal information to send employees promotional information about third parties which it thinks may be of relevance, if employees give consent for this to happen.
Individuals may request details of personal information which the company holds about them under the Data Protection Act 1998. If they believe that any information the company is holding on them is incorrect or incomplete, they are asked to notify the Company immediately. Any information found to be incorrect will be corrected promptly.