GDPR - New Project 3

HR & Diversity
Management Ltd
Go to content
GDPR PRIVACY STATEMENT
HR & Diversity Management Limited

Introduction
The Privacy Notice below is a public statement of how our organisation applies data protection principles to processing your data.  Here, we aim to make it clear, concise and accessible and we aim to ensure it covers our data protection objectives, responsibilities and how we handle breaches under the General Data Protection Regulations (GDPR).

Our Privacy Notice
Here at HR & Diversity Management Limited (HR&DM) we take your privacy seriously and we will only use your personal information to administer your case and provide the products and services you have requested of us, and signed up to, under the Client Agreement and as per our Terms of Reference.
 
The data collected by HR&DM will be fundamentally and exclusively information you have provided to us or documents you have forwarded to us.  

Access is limited to HR&DM Directors and named consultants of HR&DM who will be known by you from the outset. We will research legislation and Case Law which is relevant to your case and this information may also be held on your Client File.

HR & Diversity Management will not transfer your data to a third party without your consent. Ordinarily, no one will have access to your Client File other than Directors and/or the named consultant.  
 
The only third-party organisations who may have access to your data are:
 
  • A Regulator: During confidential internal audits we are legally required to cooperate. This is in order that we may acquire a Certificate of Authorisation and operate as a Claims Management organisation and provide employment law advice to you, our Client.
  • Solicitors acting on our behalf in pursuit of client cases. This is currently Messrs Taylor Fordyce based in Winchester. Such referrals would only be made with your agreement.  Any change to this third party would be notified in advance
  • IT service providers ensuring necessary housekeeping and IT back-up support is in place.

Collection of Data

We will only collect the information on your Client File that we need for the specific purpose of advising you in relation to your employment matter, as instructed by yourself.
This will usually include:
  • Your name
  • Your company name if applicable
  • Your e-mail addresses
  • Your correspondence address
       
The information you provide may contain personal information on third parties involved in your case. We will advise you to keep this to a minimum but will maintain the confidentiality of this information and only access it in pursuit of your case.  
We create a Client File in your name.  Your Client File is dedicated to your case and is confidential to yourself and ourselves only.
We keep all data secure at all times (See below).
We ensure all data is relevant and up to date at all times.
We will only hold as much data as we need in order to assess your case and provide advice to you, as instructed by yourself.  
We will allow a subject (ie; you, our Client) to see the data held on the Client File, by written request.  We will not allow a third-party to access your data other than as stated above.
 
Security
All documents held on computers at HR&DM are password protected and the content is encrypted.
Data will be held electronically where appropriate, but original hard copy documentation is often required in Employment cases. Hard copy documents and Client Files are held in a secure, fire proof, locked-up storage facility with access limited to authorised personnel (ie. HR&DM Directors and named consultants).
Original documents provided by you, to us, to enable us to carry out research into your case and advise you, will be returned to you by secure, registered post.
 
Retention & Disposal of Data
Data will be retained in line with statutory requirements. This will vary on a case to case basis depending on the circumstances involved and will normally be retained for seven years beyond completion of the case.
Retention of data/documentation will be kept to a minimum.
All data & documentation are professionally destroyed when they are no longer required.
Some documents are retained for auditing and monitoring purposes and for statistical analysis purposes only.
 
In accordance with the GDPR regulations, you may
 
  • request access to any personal data we hold about you;
  • request that it be updated, rectified, deleted or blocked;
  • request that we delete personal data we hold about you;
  • request that we restrict our processing of your personal data; and
  • request that we provide you or a third party with a copy of certain personal data about you (that is referred to as the right of  “data portability”).
  • You can also object to any of our uses of your personal data described in this policy.
           
Changes to our Privacy Policy
The internet and data privacy best practice are both developing/evolving all the time. We therefore reserve the right to revise this Privacy Policy at any time. Any changes we make to our privacy policy in the future will be posted on our website and notified to clients.
 
Complaints
If you feel a need to raise a complaint about our data handling, you can submit a written complaint to us, marked Confidential, at HR & Diversity Management Limited. PO Box 1276. Swindon. SN25 4UX.  You are required to provide full name, address and details for response.  Your complaint will be investigated by an internal, competent, sufficiently independent person of suitable authority within HR&DM.  That person may be a Director of HR&DM who has not been involved in your case and who is not implicated in your case.   A decision will be put in writing to you within 2 weeks of receipt of your complaint.
 
We have a separate general Complaints Policy.  Please contact us if you require a full copy of our Complaints Policy.
If you have signed a Client Agreement, you will find our Complaints Policy within that document.  
You may also consider our complaints policy statement on our website at www.hrdiversity.co.uk
Management Ltd
HR & Diversity
Back to content