Ditton HR Ltd Privacy Notice

Ditton HR Limited takes your privacy very seriously and understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all our clients and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

 

Ditton HR Limited is the data controller and is responsible for your personal data. We have appointed a Data Privacy Manager who is responsible for this privacy notice. If you have any questions about this notice, please contact the Data Privacy Manager who is responsible for overseeing any questions in relation to this Privacy Notice.

 

Ditton HR Limited is a company registered in England under company number 8062286. Our Registered address is 73 Kings Road, Long Ditton, United Kingdom, KT6 5JE. The Company’s VAT number is 341479985. The person responsible for Data Protection is our Data Privacy Manager – Claire Watt. Email address: info@dittonhr.co.uk Telephone number: 020 8398 6599

What Does This Notice Cover?

This Privacy Notice explains how we use your personal data to deliver the services you have requested from us: how it is collected, held, and processed. It also explains your rights under the law relating to your personal data.

What Is Personal Data?

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. The personal data that we use is set out later in this Privacy Notice.

What Are My Rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.

 

a) The right to be informed about our collection and use of your personal data.

b) The right to access the personal data we hold about you, commonly known as a data subject access request. This enables you to receive a copy of the personal data we hold about you and check that we are lawfully processing it. Part 10 below will tell you how to do this.

c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. This enables you to have any data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. You have the right to ask us to delete personal information about you where you consider that we no longer require the information for the purposes for which it was obtained.

e) The right to restrict (i.e. prevent) the processing of your personal data.

f) The right to object to us using your personal data for a particular purpose or purposes, such as for direct marketing purposes. Last updated March 2021

g) The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.

h) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

i) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

 

It is important that your personal data is kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.

 

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (https://ico.org.uk).

 

We would welcome the opportunity to resolve your concerns ourselves however, so please contact us first and we will be happy to assist you with your concerns.

How does Ditton HR collect and process client information and who is responsible for it?

Ditton HR may collect and process information about you from several sources which are outlined here:

 

• When you enter your information on a contact form on our website. The data controller for this data is Ditton HR Ltd.

• When your company enters into a client agreement with Ditton HR Ltd and provides information about you to us for the purposes of receiving HR services. In this case, only information about you that is relevant to the delivery of these services should be shared by your employer with Ditton HR Ltd. The data controller for this information is your company and Ditton HR are the sub-processors.

What sort of information about you is being collected and processed by Ditton HR?

In line with the expectations of the Data Protection Act (2018) and the UK GDPR regulations, we only collect necessary information that is required to allow us to promote and deliver our services fairly and effectively.

How can you find out what information Ditton HR holds about you?

Under the Data Protection Act (2018) and UK GDPR regulations, any person about whom organisations hold data (a ‘data subject’) is allowed to request a copy of that information. This is called a Subject Access Request (‘SAR’). There is guidance for individuals who want to make a Subject Access Request on the website of the regulator, the Information Commissioners Office (‘ICO’) (https://ico.org.uk) and it is strongly recommended that you review this guidance before submitting your request to avoid any delays. There is also information on this site about requirements for SARs for both the requesting and responding parties, and who SARs should be sent to.

 

If you wish to make a subject access request to Ditton HR, these should be submitted to the Data Privacy Manager by email to info@dittonhr.co.uk or by post to: The Data Privacy Manager Ditton HR Ltd 73 Kings Road Long Ditton Surrey KT6 5JE

Why is Ditton HR collecting and processing your information?

We collect and process information about you in order to provide outsourced HR services to your company in line with client agreements made with the company. If you provide your information to us through this website, we would consider this to mean you have a legitimate interest in our services, and that you are happy to be contacted in relation to those services, and that you are happy for us to share this with our relevant data sub-processors outlined below in order for our services to be delivered to you.

What Is Personal Data?

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. The personal data that we use is set out later in this Privacy Notice.

How long is your information kept, and can you make sure it is accurate?

Ditton HR must retain some information for periods in line with regulatory or legislative requirements. If there is no regulatory or legal requirement to retain your information, then it will be kept until one of the following is true:

• You request for your data to be erased (see section below) and this can be legally fulfilled.

• The data is known to be or is suspected to be invalid/inaccurate by Ditton HR.

• The data is known to be or is suspected to be no longer appropriate for use for reasons of legitimate interest by Ditton HR (as outlined above).

 

If you believe any information held by Ditton HR is incorrect and wish to amend it, please contact us in writing via letter or email.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

 

In addition, we limit access to your personal data to those contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

 

Ditton HR Limited have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

Whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

 

Last updated March 2021

 

Once we receive your information, we make every effort to ensure it is secure on our systems. Where we have given, or where you have chosen, a password which enables you to access information, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. If you think that any part of our process is not secure, please email our Data Privacy Manager – Claire Watt

Who else is your information shared with?

Ditton HR does not pass your information to third parties outside of Ditton HR, other than to specific data subprocessors necessary for us to provide our services.

 

In order to facilitate delivery of our services to those who have provided their information and who we believe have a legitimate interest in our business, we may share your information with specific ‘sub-processors’ with whom we have data sharing agreements. We want to be clear and transparent with you about the sub-processors we use and what we have done to ensure that they take your data protection as seriously as we do.

Changes to our Privacy Notice

We keep our Privacy Notice under regular review and we will place any updates on this web page.

Download Privacy Policy as a pdf

All Rights Reserved | Privacy Policy | website by www.CobsWebs.com

Connect with us :

  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon
CIPD-Logo.png