Broadland Guarding Services – Privacy Notice
Broadland Guarding Services will be what is known as the “Controller” of the personal data you provide to us through this service. This includes when data is collected or processed by the Company no matter what media this information resides on.
The Companies contact address is: Broadland Guarding Services, Delta House, Norwich, Norfolk, NR6 6AQ. The Company has appointed; Robb Eldridge, General Manager as our “Responsible Person” for data protection compliance. His contact details are:
Attn: R Eldridge
Broadland Guarding Services, Delta House, Norwich, Norfolk, NR6 6AQ
07799646602
How and why we use your information:
We will only store information collected during the course of fulfilling our contract obligations with your organisation. The information collected and processed may include personal information such as names, activities, actions and incidents. This information will be stored no longer than necessary or as stipulated by relevant rules and regulations.
We are storing and processing this information in order to meet the terms of our contract of services. This processing is with your explicit consent to do so: if you chose to withdraw your consent (Opt-Out), we will cease processing and storing your information immediately. If you do Opt-Out we will no longer be able to meet the terms of our current contact of service. To Opt-Out please send an email or contact our “Responsible Person”, details are listed above.
You data will only be used for the purpose stated above and as outlined in our contract of service, this data will not be shared with any third parties without permission.
Storing and retention of your information:
The Company takes the security of your data seriously and has internal policies and controls to ensure data is not lost, accidently destroyed, misused or disclosed and the information is accessed by employees only in the performance of their duties. Any personal information is stored securely and will be held only as long as necessary or as guidelines and regulations dictate.
Storage/Access of Material
All media is stored at the Company Headquarters building located at Vulcan Road North, Norwich, NR6 6AQ. The building is manned 24/7 as our Control Room is located on the 1st floor. Access to the building is either by FOB or the building entry buzzer which is controlled by our on duty Controller. There are secondary entrance doors for both the ground and 1st floors also requiring FOBs or manual buzzer release. All visitors are required to be escorted. Offices located on either the ground or 1st floors are kept locked outside of normal business hours. These offices are locked by key or combination lock. Office keys and the combination numbers are issued only to appropriate personnel. Spare keys and the ground floor entrance combination are held in the Control Room in sealed envelopes. Access to these offices is controlled and spare keys/combos must be signed for when the seal is broken.
All hard copy items are kept locked in offices with controlled access. Archive material is kept in our designated archive room. This room is kept locked with controlled access by only HR or Senior Management personnel. The room has a log which must be filled in when it is accessed.
Digital material is held on either desktop or laptop systems which are stored in offices. The servers are located on the 1st floor. Access to the servers is restricted to authorised personnel. This space also requires a log to be filled in when accessed.
Retention
All hard copy or digital media is retained as per British Standards or other regulatory guidelines. Information is held no longer than necessary; once information is no longer required it is either shredded on site or sent to a authorised site for secure disposal.
The below table is a guideline to Company retention held in any format (i.e. Paper/Digital). Files are to be reviewed on a regular basis and information destroyed/deleted as per guidelines. Destruction/deletion should be logged with documentation signed off by the HR Manager. The HR Manager should keep Senior Management updated on the review and destruction/deletion of material at Management Board meetings. This procedure will become part of the Company Audit process.
Information Type Retention Period Comments
|
Accounts / Invoices / Supplier Documentation |
||||||||
| Payments Cash Book or records of payments made | 6 years | |||||||
| Invoice – Revenue | 6 years | |||||||
| Petty Cash Records | 6 years | |||||||
| Bank Statements | 6 years | |||||||
| Remittance Advices | 6 years | |||||||
| Correspondence re donations | 6 years | |||||||
| Bank reconciliations | 6 years | |||||||
| Receipts Cash Book | 10 years | |||||||
| Annual accounts & annual review | Permanently | |||||||
| Payroll Documentation | ||||||||
| Income Tax records (i.e. P45, people leaving) | 6 years | This is plus current year. | ||||||
| P6 – Notice of Tax Code | 6 years | This is plus current year. | ||||||
| P11D – Annual Return of employees / directors expenses & benefits | 6 years | This is plus current year. | ||||||
| P60 (Certificate of pay & tax deducted) | 6 years | This is plus current year. | ||||||
| Notice of Tax Code Change | 6 years | This is plus current year. | ||||||
| Annual return of taxable pay & tax deducted | 6 years | This is plus current year. | ||||||
| Records of Pension deductions | 6 years | This is plus current year. | ||||||
| Payroll & payroll control account | 6 years | This is plus current year. | ||||||
| Insurance Documents | ||||||||
| Policies | 3 years | After Lapse | ||||||
| Claims Correspondence | 3 years | After settlement | ||||||
| Employers Liability Insurance Certificates | Forty Years | |||||||
| Accident Reports & relevant correspondence. | 3 years | After settlement | ||||||
| Employee Personnel Records | ||||||||
| Wages & Salary records | 6 years | Plus current year | ||||||
| Expense accounts/records | 6 years | Plus current year | ||||||
| Staff Personnel charts | 6 years | After employment ceases | ||||||
| Details of Medical Schemes | Permanently | |||||||
| Accident Reports | 3 years | After last entry or end of investigation if later | ||||||
| Redundancy details, calculations of payments, notification | 6 years | After employment has ceased | ||||||
| Applications for Jobs (where candidate is unsuccessful) – Unsuccessful Interviews | 1 year | After notifying the unsuccessful candidate | ||||||
| Vetting records | 7 years | BS7858:2012 section 9 | ||||||
| Sickness records | 3 years | After end of each tax year for Statutory Sick Pay | ||||||
| Statutory Maternity Pay records, calculations of other medical evidence | 3 years | After end of tax year in which maternity ends | ||||||
| Training Records | 6 years | After Leaving | ||||||
| DBS Documents | 6 months | |||||||
| Health & Safety Records | ||||||||
| Accident Reports / Books | 3 years | Once Completed | ||||||
| Health & Safety Records | 3 years | Personal injury actions must generally be commenced within 3 yrs of injury. | ||||||
| Employers Liability Insurance Certificates | Forty Years | |||||||
| Accident Reports & relevant correspondence. | 3 years | After settlement | ||||||
| Other Documents | ||||||||
| MB/Directors Meeting Minutes | Permanently | |||||||
| Contracts with customers/clients, suppliers or agents | 6 years. | After the expiration or termination of the contract | ||||||
| Daily Occurrence Books | 7 years | After the expiration or termination of the contract | ||||||
Right to request access to your information:
As the data subject you have a number of rights. You can:
- Access or obtain a copy of your data on written request
- Require the Company to change incorrect or incomplete data
- Require the Company to delete or stop processing your data, for example when data is no longer necessary to fulfil our contact of services
- Ask the Company to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the Companies legitimate grounds for processing data.
If you would like to exercise any of these, please contact R. Eldridge whose details are listed in this document.
If you believe the Company has not complied with your data protection rights, you can complain to the Information Commissioner.
Questions or concerns about personal data:
If you have any questions or concerns about the collection, use or disclosure of your personal information please contact Broadland Guarding Services “Responsible Person” whose details were listed earlier in this document.
You have the right to complain to the Information Commissioner’s Office about the way the Companies handling your personal information. Details can be found on their website.
