Policies | Platinum International Limited
 0845 063 9999      info@platinuminternational.com Manchester, England, M17 1SA

PLATINUM POLICIES

General Terms & Conditions

These Terms and Conditions govern your use of the Company website (the “Company Site”) and your relationship with Platinum International Ltd, formally UK Batteries Limited (the “Company”, “we” or “us”). Please read them carefully as they affect your rights and liabilities under the law. If you do not agree to these Terms and Conditions, please do not register for or use the Company Site. If you have any questions on the Terms and Conditions, please contact web@platinuminternational.com

1          Use of the Company Site

1.1       The Company Site is provided to you for your use subject to these Terms and Conditions. By using the Company Site you agree to be bound by these Terms and Conditions. References to these Terms and Conditions include:

1.1.1     the terms and conditions upon which we provide customers with credit accounts for access to any services provided by means of the Company Website; and,

1.1.2     the terms and conditions upon which any such services are provided by the Company.

2          Amendments

2.1       We may update these Terms and Conditions from time to time for legal or regulatory reasons or to allow the proper operation of the Company Site. Any changes will be notified to you via the e-mail address provided by you on registration or via a suitable announcement on the Company Site. The changes will apply to the use of the Company Site after we have given notice. If you do not wish to accept the new Terms and Conditions you should not continue to use the Company Site. If you continue to use the Company Site after the date on which the change comes into effect, your use of the Company Site indicates your agreement to be bound by the new Terms and Conditions.

3          Registration

3.1       You must ensure that the details provided by you on registration or at any time are correct and complete.

3.2       You must inform us immediately of any changes to the information that you provided when registering by updating your personal details in order that we can communicate with you effectively.

4          Access to services; password and security

4.1       To access and/or use certain services on the Company Site you will need to set up a web account with the Company. To set up a web account please contact fitment@platinuminternational.com. When your web account has been set up you will be given a username and password. You may then change your password if you so wish at any time when using the service. In order to prevent fraud, you must keep your user name and password confidential and must not disclose them or share them with anyone. If you know or suspect that someone else knows your user name and/or password you should notify us by contacting fitment@platinuminternational.com immediately.

4.2       If the Company has reason to believe that there is likely to be a breach of security or misuse of the Company Site, we may require you to change your password or we may suspend your account.

5          Intellectual property

5.1       The content of the Company Site is protected by copyright, trade marks, database right and other intellectual property rights. You may retrieve and display the content of the Company Site on a computer screen, store such content in electronic form on disk (but not any server or other storage device connected to a network) or print one copy of such content for your own personal, non-commercial use, provided you keep intact all and any copyright and proprietary notices. You may not otherwise reproduce, modify, copy or distribute or use for commercial purposes (except as provided in the Terms and Conditions of any services available on the website) any of the materials or content on the Company Site without written permission from the Company.

6          Your use of the Company Site

6.1       You may not use the Company Site for any of the following purposes:

6.1.1     disseminating any unlawful, harassing, libellous, abusive, threatening, harmful, vulgar, obscene, or otherwise objectionable material or otherwise breaching any laws;

6.1.2     transmitting material that encourages conduct that constitutes a criminal offence, or otherwise breaches any applicable laws, regulations or code of practice;

6.1.3     interfering with any other person’s use or enjoyment of the Company Site; or

6.1.4     making, transmitting or storing electronic copies of materials protected by copyright without the permission of the owner.

6.2       You will be responsible for our losses and costs resulting from your breach of this clause 6.

7          Availability of the Company Site

7.1       Although we aim to offer you the best service possible, we make no promise that the services at the Company Site will meet your requirements. We cannot guarantee that the services will be fault-free. If a fault occurs with the Company Site you should report it to web@platinuminternational.com and we will attempt to correct the fault as soon as we reasonably can.

7.2       Your access to the Company Site may be occasionally restricted to allow for repairs, maintenance or the introduction of new facilities or services. We will attempt to restore the service as soon as we reasonably can.

8          The Company’s liability

8.1       The Company Site provides content from other Internet sites or resources and while the Company tries to ensure that material included on the Company Site is correct, reputable and of high quality, it does not make any warranties or guarantees in relation to that content. If the Company is informed of any inaccuracies in the material on the Site we will attempt to correct the inaccuracies as soon as we reasonably can.

8.2       Nothing in these Terms and Conditions limit or exclude the Company’s liability for:

8.2.1     death or personal injury caused by the Company’s negligence; or

8.2.2     fraud or fraudulent misrepresentation.

8.3       Subject to clause 8.2, the Company will under no circumstances whatever be liable to you, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, arising under or in connection with your access to and use of the Company Site for:

8.3.1     any loss of profits, sales, business, or revenue;

8.3.2     loss or corruption of data, information or software;

8.3.3     loss of business opportunity;

8.3.4     loss of anticipated savings;

8.3.5     loss of goodwill; or

8.3.6     any indirect or consequential loss.

8.4       Subject to clause 8.2 and clause 8.3, the Company’s total liability to you in respect of all other losses arising under or in connection with your access to and use of the Company Site, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, shall in no circumstances exceed £3,000.

8.5       Except as expressly stated in these Terms and Conditions, the Company does not give any representation, warranties or undertakings in relation to your access to and use of the Company Site. Any representation, condition or warranty which might be implied or incorporated into these Terms and Conditions by statute, common law or otherwise is excluded to the fullest extent permitted by law. In particular, the Company will not be responsible for ensuring that the Company Site and its contents are suitable for your purposes.

9          Third Party Websites

9.1       As a convenience to customers, the Company Site may include links to other web sites or material which are beyond its control. Where it does, the Company is not responsible for content on any site outside the Company Site.

10        Advertising and Sponsorship

10.1      Part of the Company Site may contain advertising and sponsorship. Advertisers and sponsors are responsible for ensuring that material submitted for inclusion on the Company Site complies with relevant laws and codes. We will not be responsible to you for any error or inaccuracy in advertising and sponsorship material.

11        Applicable Law

11.1      These Terms and Conditions will be subject to the laws of England and Wales. We will try to solve any disagreements quickly and efficiently. If you are not happy with the way we deal with any disagreement and you want to take court proceedings, you must do so within the United Kingdom.

12        International Use

12.1      We make no promise that materials on the Company Site are appropriate or available for use in locations outside the United Kingdom, and accessing the Company Site from territories where its contents are illegal or unlawful is prohibited. If you choose to access this site from locations outside the United Kingdom, you do so on your own initiative and are responsible for compliance with local laws.

13        Miscellaneous

13.1      You may not transfer any of your rights under these Terms and Conditions to any other person. We may transfer our rights under these Terms and Conditions to another business where we reasonably believe your rights will not be affected.

13.2      If you breach these Terms and Conditions and the Company chooses to ignore this, the Company will still be entitled to use its rights and remedies at a later date or in any other situation where you breach the Terms and Conditions.

13.3      The Company shall not be responsible for any breach of these Terms and Conditions caused by circumstances beyond its reasonable control.

13.4      The Company Site is owned and operated by Platinum International Ltd, Platinum House, Bailey Road, Trafford Park, Manchester M17 1SA United Kingdom.

13.5      If you have any queries please contact web@platinuminternational.com.

The Company Registration No. 04397197

The Company VAT No. GB784109712

Last update: [01/05/18]

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers
Platinum Privacy Notice – Master (GDPR 02)

 

The General Data Protection Regulations (GDPR) supports us in looking after your privacy. 

 

We issue this privacy notice in the interests of transparency as to how we collect and use (‘Process’) the personal data that we collect, whether we are in the process of exploring potential business opportunities by looking to do business together, continuing our relationship with you once we have provided goods or services, receiving goods or services from you, using your data to ask for your assistance in relation to one of our employees, ex-employees or applicants, or you are visiting our website. Our data security means that we hold all personal data securely and limit access to those who need to see it.

 

This document describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. This Privacy Policy applies to the personal data of our Website Users, Customers, Suppliers and other people whom we may contact in order to provide our goods and services. It also applies to the emergency contacts of our Staff (next of kin). However, if you are an Applicant, Employee or Ex-employee you should refer to the Platinum Privacy Notice for Employees which is available on both the Platinum Intranet and on this website.

 

For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”) and the DPA 2018, the company responsible for your personal data is Platinum International (‘Platinum’ or ‘us’). This Privacy Policy applies in relevant countries throughout our international network. We will ensure compliance with all applicable data privacy protections legislation, no matter where you are.

 

It is important to point out that we may amend this Privacy Policy from time to time. To stay up to date, please visit this page to stay up to date, as we will post any changes here.

 

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well.

 

DEFINITIONS

Candidates – includes applicants for all roles advertised by Platinum International, including permanent, part-time and temporary positions; as well as people who have supplied a speculative CV to Platinum International not in relation to a specific job. Individual contractors, freelance workers and employees of suppliers or other third parties put forward for roles with Platinum International will be treated as candidates for the purposes of this Privacy Policy.

 

Company – Platinum International Ltd, the Company’s Subsidiaries or Holding Companies and any Subsidiary of any holding Company.

 

Customers – this category covers our customers, clients, and others to whom Platinum International provides goods and/ or services in the course of its business.

 

Data Controller – means the person or organisation who determines the purposes for which and the manner in which any personal data is processed.

 

General Data Protection Regulation (GDPR) – a European Union statutory instrument which aims to harmonise European data protection laws. It has an effective date of 25 May 2018, and any references to it should be construed accordingly to include any national legislation implementing it.

 

Personal data – means any information relating to an identified or identifiable living person.

 

Personal Data – Sensitive/ Special categories – means personal data consisting of information as to:

  1. the racial or ethnic origin of the individual;
  2. their political opinions;
  3. their religious or philosophical beliefs;
  4. their membership of a trade union;
  5. their physical or mental health or condition;
  6. their sexual life;
  7. the commission or alleged commission by them of any offence;
  8. any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings;
  9. genetic data; and
  10. biometric data where processed to uniquely identify a person (for example a photo in an electronic passport).

 

Staff – includes employees and interns engaged directly in the business of Platinum International (or who have accepted an offer to be engaged) as well as certain other workers engaged in the business of providing services to Platinum International (even though they are not classed as employees). Independent contractors and consultants performing services for Platinum International fall within the definition of a ‘Supplier’ for the purposes of this Privacy Policy.

 

Suppliers – refers to partnerships and companies (including sole traders), and atypical workers such as independent contractors and freelance workers, who provide services to Platinum International. In certain circumstances Platinum International will sub-contract the services it provides to Clients to third party suppliers who perform services on Platinum International’s behalf. In this context, suppliers that are individual contractors, freelance workers, or employees of suppliers will be treated as Candidates for data protection purposes. Please note that in this context, Platinum International requires Suppliers to communicate the relevant parts of this Privacy Policy (namely the sections directed at Candidates) to their employees.

 

Website Users – any individual who accesses any of the Platinum International websites.

 

WHAT KIND OF INFORMATION DO WE COLLECT?

  1. As an independent battery and lubricants distributor, we collect personal data from our Website users, Customers, Suppliers and other people whom we may contact in order to provide our goods and services. The information described below is in addition to any personal data we are required by law to process in any given situation.
    1. Customer Data: We collect a very limited amount of customer data. We generally only need to have your contact details or the details of individual contacts at your organisation (such as their names, telephone numbers, addresses and email addresses), business details for credit checking purposes and Bank payment details, to enable us to process credit payments and to prove your business credentials. These are all to ensure that our relationship runs smoothly. We also hold information relating to your online engagement and other material published by Platinum International, which we use to ensure that our marketing communications to you are relevant and timely. We may also hold extra information that someone in your organisation has chosen to tell us. In certain circumstances, such as when you engage with our Finance and Customer Services teams, the calls with you may be recorded or monitored, depending on the applicable local laws and requirements. If you visit any of our sites you will be asked to ‘sign in’ so that we know who is in the building. In addition, we use CCTV in and around all our Company controlled buildings and locations to monitor behaviour for security and Health & Safety purposes. If we need any additional personal data for any reason, we will let you know.
      1. When you access our website we will also collect certain data from you. If you would like more information about this, please see our Cookie Policy on our website.

 

  1. Supplier Data: The data we collect about our suppliers is also very limited as we simply need to make sure that our relationship runs smoothly. We will collect the details for our contacts within your organisation, such as names, telephone numbers and email addresses. We’ll also collect bank details, so that we can pay you. In certain circumstances, such as when you engage with our Finance and Customer Services teams, the calls with you may be recorded or monitored, depending on the applicable local laws and requirements. If you visit any of our sites you will be asked to ‘sign in’ so that we know who is in the building. In addition, we use CCTV in and around all our Company controlled buildings and locations to monitor behaviour for security and Health & Safety purposes. If we need any additional personal data for any reason, we will let you know. If we need any additional personal data for any reason, we will let you know.
    1. When you access our website we will also collect certain data from you. If you would like more information about this, please see our Cookie Policy on our website.

 

  1. People whose data we receive from applicants and staff, such as referees and emergency contacts/ next of kin: From referees we need confirmation of what you know about our employee or prospective employee, so that we can confirm their work history. Emergency contact/ Next of kin details give us somebody to make contact with in an emergency. To ask for a reference, we need the referee’s contact details (such as name, address, email address and telephone number). We also need these details if an employee has put you down as their emergency contact, so that we can contact you in the event of an accident or an emergency.

 

  1. Website Users: We collect data from our Website Users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information such as how you use our website, the frequency with which you access our website, your browser type, the location you view our website from, the language you choose to view it in and the times that our website is most popular. If you contact us via the website, for example by using a chat function, we will collect any information that you provide to us, for example your name and contact details.
    1. When you access our website we will also collect certain data from you. If you would like more information about this, please see our Cookie Policy on our website.

 

HOW DO WE COLLECT YOUR INFORMATION?

  1. We collect personal data in a number of ways, but it is usually provided by you directly to us:
    1. Personal data we receive from you:
      1. When you proactively contact us, usually by phone or email and give us personal data. Please note all our phone call make to any Platinum International controlled location may be logged, monitored or recorded for training, verification or Health & Safety purposes.
      2. When we contact you, by phone, email or through our employees’ (usually a member of our sales team) business development activities.
    2. Personal data we receive from other sources:
      1. As appropriate, we may seek more information about you from other sources, generally by way of due diligence or other market intelligence including from third party market research and by analysing online and offline media (which we may do ourselves, or employ other organisations to do for us); and
      2. From other limited sources and third parties (for example from other customers to the extent that they provide us with your details).
    3. Personal data we collect via our website:
      1. When you access our website we may collect your data automatically or through you providing it to us. When you visit our website there is certain information that we may automatically collect, whether or not you decide to use our services. This includes your IP address, the date and the times and frequency with which you access the website and the way you browse its content. We will also collect data from you when you contact us via the website. We also collect your data automatically via cookies, in line with cookie settings in your browser. If you are also a Customer, Supplier or third party of Platinum International, we may use data from your use of our websites to enhance other aspects of our communications with or service to you. If you would like to find out more about cookies, including how we use them and what choices are available to you, please see our Cookie Policy on our website.

 

HOW WILL YOUR INFORMATION BE USED?

Business Activities

  1. As a business, the Company needs to keep and process personal information as part of our normal business of selling and distributing batteries and lubricants, and returning scrap. We store your details on our systems (and update them when necessary), so we can make contact in relation to doing business together (purchase, sales and distribution activities and services);
    1. Keep records of conversations and meetings, so that we can better purchase or provide products and services from/ to you;
    2. Undertake customer and supplier satisfaction surveys;
    3. Processing your data to enable us to send you targeted, relevant marketing materials or other communications which we think are likely to be of interest to you.
    4. Assessing data about business requirements and opportunities which we may think are suitable for you;
    5. Allowing you to participate in specialist online training;
    6. Allowing you to participate in the interactive features of our services, when you choose to do so;
    7. Carrying out our obligations arising from any contracts entered into between us;
    8. Carrying out our obligations arising from any contract entered into between Platinum International and third parties in relation to conducting business;
    9. Facilitating our payroll and invoicing processes;
    10. Verifying details you have provided, using third party resources (such as credit safe or Companies House), or to request information (such as references, potentially any criminal convictions, to the extent that is appropriate and in accordance with local laws);
    11. Complying with our legal obligations in connection with the detection of crime or the collection of taxes or duties; and

 

  1. We may use your personal data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not happy about this, in certain circumstances you have the right to object and can find out more about how and when to do this in this document.

 

  1. We may periodically send you information that we think you may find interesting or relevant. In particular, we may wish to use your data for the purposes listed below, where appropriate and in accordance with any local laws and requirements. Please note that this list is not exhaustive. To:
    1. enable us to develop and market other products and services;
    2. market our full range of products, services and activities to you;
    3. send you details of reports, promotions, offers, networking and customer events, and general information about the industry sectors which we think might be of interest to you;
    4. display promotional excerpts from your details on Platinum International’s website(s) and/ or Company Magazine as a success story (only where we have obtained your express consent to do so); and
    5. provide you with information about certain discounts and offers that you are eligible for, by virtue of your relationship with Platinum International.

 

  1. We need your consent for some aspects of these activities which are not covered by our legitimate business interests (in particular, the collection of data via cookies and the delivery of direct marketing to you through digital channels) and, depending on the situation, we will ask for this via an opt-in or soft-opt-in.

 

  1. Soft opt-in consent is a specific type of consent which applies where you have previously engaged with us (for example by submitting an Account Opening form, or by purchasing our goods or services), we would be marketing other battery or lubricant related products, services or activities. Under ‘soft opt-in’ consent, we will take your consent as given unless or until you opt out. For most people, this is beneficial as it allows us to suggest other products and services to you alongside the specific one you contacted us for. This significantly increases the likelihood of us being able to provide you with a better level of product or service which you may require. For other types of e-marketing, we are required to obtain your explicit consent.

 

  1. If you are not happy about our approach to marketing, you have the right to withdraw your consent at any time and can find out more about how to do so in this document. If you have opted out from our marketing communications through our preference centre, it is possible that your details may be recaptured through public sources in an unconnected marketing campaign. We will try to make sure this does not happen, but if it does, we are sorry and we would ask that in those circumstances you opt out again.

 

  1. All our marketing is based on what we think will serve our Customers best. We will always try to get it right, but we know it will not always be right for everyone. We may use your data to show you Platinum International adverts and other content on other websites, for example Facebook. If you do not want us to use your data in this way, please turn off the “Advertising Cookies” option (please refer to our Cookies Policy). Even where you have turned off advertising cookies, it is still possible that you may see a Platinum International advert, but in this case it will not have been targeted at you personally, but rather at an anonymous audience.

 

  1. We may use personal data to help us establish, exercise or defend legal claims.

 

  1. We use CCTV in and around all our Company controlled buildings and locations to monitor behaviour and for security and Health & Safety purposes. In addition we use locational tracking devices in company computers, phones and in Company controlled vehicles to monitor a device’s physical location for the purposes of performance management reviews, security, Health & Safety information and for delivery information purposes which may be supplied to third parties within Europe (EEA).

 

Customer Data

  1. We may use your personal data for our business purposes, if we deem this to be necessary for our legitimate interests.
    1. If you are not happy about this, in certain circumstances you have the right to object and can find out more about how and when to do in this document.

 

  1. We will not, as a matter of course, seek your consent when sending marketing materials to a corporate postal or email address.
    1. If you are not happy about this, you have the right to opt out of receiving marketing materials from us and you can find out more about how and when to do in this document.

 

  1. In certain and more unusual circumstances, we may use your personal data to help us to establish, exercise or defend legal claims.

 

Supplier Data

  1. We will only use your information to:
    1. Store (and update when necessary) your details on our database, so that we can contact you in relation to our agreements;
    2. Offer products and services to you or to obtain your support, products and services from you;
    3. Perform certain legal obligations;
    4. Help us to target appropriate marketing campaigns; and
    5. In more unusual circumstances, to help us to establish, exercise or defend legal claims.

 

  1. We may use your personal data for these purposes, if we deem this to be necessary for our legitimate interests.

 

  1. We will not, as a matter of course, seek your consent when sending marketing messages to a corporate postal or email address.
    1. If you are not happy about this, in certain circumstances you have the right to object and can find out more about how to do so here.

 

People whose data we receive from Applicants and Colleagues, such as Referees and Emergency Contacts

  1. We will only use the information that an Applicant or a Platinum Colleague gives us about you, for the following purposes:
    1. If our a candidates or Platinum colleague puts you down on our form as an emergency contact, we may contact you in the case of an accident or emergency affecting them; or
    2. If you were put down by an applicant, prospective member of Staff or a Platinum colleague as a referee, we will contact you in order to take up a reference. This is an important part of our quality assurance process and could be the difference between the individual getting a job or not.

 

  1. We may use your personal data for these purposes if we deem this to be necessary for our legitimate interests.
    1. If you are not happy about this, you have the right to object and can find out more about how to do so here.

 

Website Users

  1. We use your data to help us to improve your experience of using our website, for example by analysing your recent search criteria to help us to present products and services to you that we think you will be interested in.
    1. If you would like to find out more about cookies, including how we use them and what choices are available to you, please see our Cookies Policy.

 

OUR LEGAL BASES FOR PROCESSING YOUR DATA?

LEGITIMATE INTERESTS

  1. Article 6(1)(f) of the GDPR sets out that we can process your data where it “is necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data.”

 

  1. We do not think that any of the following activities prejudice individuals in any way rather they enable us to offer you a more tailored, efficient service to our customers, suppliers and to other third parties. However, you do have the right to object to us processing your personal data on this basis. If you would like to know more about how to do so, please see ‘Your Rights’.

 

Customer Data

  1. We believe that it is reasonable to expect that if you are looking to do business with us, you are happy for us to collect and otherwise use your personal data to offer or provide our business services to you. Once it is looking like we may do business, we may also want to double check any information you have provided to us business references and credit checks. We need to do these things so that we can function as a profit-making business.

 

  1. We want to provide you with tailored product recommendations and relevant articles to read to help you serve your customers better. We therefore think it’s reasonable for us to process your data to make sure that we send you the most appropriate content.

 

  1. In order for our business to run smoothly, we also need to use your data for our internal administrative activities, such as Finance (where invoicing and credit insurance is relevant), Sales Management and Customer Services (so we can make contact with you and maintain our relationship).

 

  1. We have our own legal obligations and if we believe, in good faith, that it is necessary we may share your data in connection with crime detection, tax collection or actual or anticipated litigation.

 

  1. To ensure that we provide you with the best service possible, we store your personal data and/ or the personal data of individual contacts at your organisation as well as keeping records of our conversations, meetings, registered jobs and placements. From time to time, we may also ask you to undertake a customer satisfaction survey. We think this is reasonable – we deem these uses of your data to be necessary for our legitimate interests as an organisation providing various recruitment services to you.

 

Supplier Data

  1. We use and store the personal data of individuals within your organisation in order to facilitate the receipt of products and services from you, as one of our Suppliers. We also hold your financial details, so that we can pay you for your products and services. We deem all such activities to be necessary within the range of our legitimate interests as a recipient of your services.

 

  1. To ensure that we can provide consistent and robust supply chains, we store your personal data and/ or the personal data of individual contacts at your organisation as well as keeping records of our conversations, meetings, and registered product and service orders. We think this is reasonable and we deem these uses of your data to be necessary for our legitimate interests as an organisation providing product and service orders to you.

 

People whose data we receive from applicants and staff, such as Referees and Emergency Contacts:

  1. If you have been put down by an applicant or by a prospective member of Staff as one of their referees, we use your personal data in order to contact you for a reference. This is a part of our quality assurance procedure and so we deem this to be necessary for our legitimate interests as an organisation which employs people.

 

  1. If an applicant or staff member has given us your details as an emergency contact, we will use these details to contact you in the case of an accident or emergency. We are sure you will agree that this is a vital element of our people-orientated organisation, and so is necessary for our legitimate interests.

 

CONSENT

  1. In certain circumstances, we are required to obtain your consent to the processing of your personal data in relation to certain activities. Depending on exactly what we are doing with your information, this consent will be opt-in consent or soft opt-in consent.

 

  1. Article 4(11) of the GDPR states that (opt-in) consent is “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” In plain language, this means that:
    1. you have to give us your consent freely, without us putting you under any type of pressure;
    2. you have to know what you are consenting to – so we’ll make sure we give you enough information;
    3. you should have control over which processing activities you consent to and which you do not. We provide these finer controls within our privacy preference centre; and
    4. you need to take positive and affirmative action in giving us your consent – we are likely to provide a tick box for you to check so that this requirement is met in a clear and unambiguous fashion.

 

  1. We will keep records of the consents that you have given in this way.

 

  1. We have already mentioned that, in some cases, we will be able to rely on soft opt-in consent. We are allowed to market products or services to you which are related to the services we provide, as long as you do not actively opt-out from these communications.

 

  1. As we have mentioned, you have the right to withdraw your consent to these activities. You can do so at any time, and details of how to do so can be found here.

 

ESTABLISHING, EXERCISING OR DEFENDING LEGAL CLAIMS

  1. Sometimes it may be necessary for us to process personal data and, where appropriate and in accordance with local laws and requirements, sensitive personal data in connection with exercising or defending legal claims. Article 9(2)(f) of the GDPR allows this where the processing “is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity”.

 

  1. This may arise for example where we need to take legal advice in relation to legal proceedings or are required by law to preserve or disclose certain information as part of the legal process.

 

WHO DO WE SHARE PERSONAL DATA WITH?

  1. Where appropriate we may share your personal data, in various ways and for various reasons, with the following categories of people:
    1. Any of our group companies;
    2. Individuals and organisations who hold information related to a business reference or application to do business with us, such as current or past suppliers, customers and insurers etc.;
    3. Tax, audit, or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation);
    4. Third party service providers who perform functions on our behalf (including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);
    5. Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place;
    6. Marketing technology platforms and suppliers;

 

HOW DO WE SAFEGUARD YOUR PERSOANL DATA?

  1. We are committed to taking all reasonable and appropriate steps to protect the personal information that we hold from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures. These include measures to deal with any suspected data breach.

 

  1. If you suspect any misuse or loss of or unauthorised access to your personal information please let us know immediately. Details of how to contact us can be found below.

 

HOW DO WE STORE AND TRANSFER YOUR DATA INTERNATIONALLY?

  1. To enable us to conduct international business, your data may be transferred:
    1. between and within Platinum International entities and employees;
    2. to third parties (such as suppliers, customers and advisors to the Platinum International business);
    3. to a cloud-based storage provider; and
    4. to other third parties, as referred to here.

 

  1. We want to make sure that your data are stored and transferred in a way which is secure. We will therefore only transfer data outside of the European Economic Area or EEA (i.e. the Member States of the European Union, together with Norway, Iceland and Liechtenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data or where it is necessary for the conclusion:
    1. For the performance of a contract between ourselves and a third party and the transfer is in your interests for the purposes of that contract (for example, if we need to transfer data outside the EEA in order to meet our obligations under that contract if you are a customer or supplier of ours); or
    2. where you have consented to the data transfer.

 

  1. To ensure that your personal information receives an adequate level of protection, we have put in place appropriate procedures with the third parties we share your personal data with to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the law on data protection.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

  1. We will keep personal data for no longer than is necessary, having regard to the original purpose for which the data was processed. In some cases we will be legally obliged to keep your data for a set period.

 

YOUR RIGHTS – HOW TO ACCESS, AMEND OR TAKE BACK THE PERSONAL DATA?

  1. One of the General Data Protection Regulation’s (GDPR’s) main objectives is to protect and clarify the rights of EU citizens and individuals in the EU with regards to data privacy. Under the GDPR and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. In summary of the below:
    1. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability. This means that you retain various rights in respect of your personal data, even once you have given it to us. These are described in more detail below.
    2. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
    3. We can refuse to comply with any request if we can demonstrate compelling and legitimate grounds for processing, which override your interests, rights and freedoms or where there is another legitimate or legal reason for keeping the data. These include but are not limited to where we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms; or if the processing is for the establishment, exercise or defence of legal claims.

 

  1. To get in touch about these rights, please contact us (for further information please see the ‘Complaints’ section). We will seek to deal with your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled). Please note that we may keep a record of your communications to help us resolve any issues which you raise.

 

  1. Right to object: this right enables you to object to us processing your personal data where we do so for one of the following four reasons: (i) our legitimate interests; (ii) to enable us to perform a task in the public interest or exercise official authority; (iii) to send you direct marketing materials; and (iv) for scientific, historical, research, or statistical purposes.

 

  1. The “legitimate interests” and “direct marketing” categories above are the ones most likely to apply to our Website Users, Customers and Suppliers. If your objection relates to us processing your personal data because we deem it necessary for your legitimate interests, we must act on your objection by ceasing the activity in question unless:

 

  1. we can show that we have compelling legitimate grounds for processing which overrides your interests; or
  2. we are processing your data for the establishment, exercise or defence of a legal claim.

 

  1. If your objection relates to direct marketing, we must act on your objection by ceasing this activity.

 

  1. Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for our marketing activities), you may withdraw this consent at any time and we will cease to carry out the particular activity that you previously consented to unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose in which case we will inform you of this condition.

 

  1. Data Subject Access Requests (DSAR): You may ask us to confirm what information we hold about you at any time, and request us to modify, update or delete such information. We may ask you to verify your identity and for more information about your request. If we provide you with access to the information we hold about you, we will not charge you for this unless your request is “manifestly unfounded or excessive”. If you request further copies of this information from us, we may charge you a reasonable administrative cost where legally permissible. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.

 

  1. Right to erasure: You have the right to request that we erase your personal data in certain circumstances. Normally, the information must meet one of the following criteria:
    1. the data are no longer necessary for the purpose for which we originally collected and/ or processed them;
    2. where previously given, you have withdrawn your consent to us processing your data, and there is no other valid reason for us to continue processing;
    3. the data has been processed unlawfully (i.e. in a manner which does not comply with the GDPR);
    4. it is necessary for the data to be erased in order for us to comply with our legal obligations as a data controller; or
    5. if we process the data because we believe it necessary to do so for our legitimate interests, you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.

 

  1. We would only be entitled to refuse to comply with your request for one of the following reasons:
    1. to exercise the right of freedom of expression and information;
    2. to comply with legal obligations or for the performance of a public interest task or exercise of official authority;
    3. for public health reasons in the public interest;
    4. for archival, research or statistical purposes; or
    5. to exercise or defend a legal claim.

 

  1. When complying with a valid request for the erasure of data we will take all reasonably practicable steps to delete the relevant data.

 

  1. Right to restrict processing: You have the right to request that we restrict our processing of your personal data in certain circumstances. This means that we can only continue to store your data and will not be able to carry out any further processing activities with it until either: (i) one of the circumstances listed below is resolved; (ii) you consent; or (iii) further processing is necessary for either the establishment, exercise or defence of legal claims, the protection of the rights of another individual, or reasons of important EU or Member State public interest.

 

  1. The circumstances in which you are entitled to request that we restrict the processing of your personal data are:
    1. where you dispute the accuracy of the personal data that we are processing about you. In this case, our processing of your personal data will be restricted for the period during which the accuracy of the data is verified;
    2. where you object to our processing of your personal data for our legitimate interests. Here, you can request that the data be restricted while we verify our grounds for processing your personal data;
    3. where our processing of your data is unlawful, but you would prefer us to restrict our processing of it rather than erasing it; and
    4. where we have no further need to process your personal data but you require the data to establish, exercise, or defend legal claims.

 

  1. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.

 

  1. Right to rectification: You also have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. Where appropriate, we will also tell you which third parties we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.

 

  1. Right of data portability: If you wish, you have the right to transfer your personal data between data controllers. In effect, this means that you are able to transfer your Platinum International account details to another online platform. To allow you to do so, we will provide you with your data in a commonly used machine-readable format that is password-protected so that you can transfer the data to another online platform. Alternatively, we may directly transfer the data for you. This right of data portability applies to: (i) personal data that we process automatically (i.e. without any human intervention); (ii) personal data provided by you; and (iii) personal data that we process based on your consent or in order to fulfil a contract.

 

  1. Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority. Details of how to contact them can be found in the ‘Complaints’ section).

 

  1. If you would like to exercise any of these rights, or withdraw your consent to the processing of your personal data (where consent is our legal basis for processing your personal data), details of how to contact us can be found in the ‘Complaints’ section. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

 

  1. You may ask to unsubscribe from your marketing activities at any time.

 

  1. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold your data.

 

 

 

COMPLAINTS

  1. If you think we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data, you have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will then inform you of the progress and outcome of your complaint. The supervisory authority in the UK is the Information Commissionaire’s Office (ICO).

 

  1. Platinum International Ltd and Platinum International BV (Platinum International Ltd, Platinum House, Bailey Rd, Trafford Park, Manchester, M17 1SA. Company Registration Number 4397197) is the controller and processor of data for the purposes of the DPA 18 and GDPR.

 

  1. If you have any concerns as to how your data is processed you can contact: Mark Broomhead – HR, Quality & Systems Manager at GDPR@platinuminternational.com or you can write using the address of Platinum International Ltd, Platinum House, Bailey Rd, Trafford Park, Manchester, M17 1SA.

 

  1. You can notify Platinum International Ltd of any changes to your personal data, by contacting the HR Department or emailing HR@platinuminternational.com

Privacy Policy written by Platinum International Ltd © 2018 – v.1. April 2018

Introduction

This statement sets out Platinum International Limited’s actions to understand all potential modern slavery risks related to our business and to put in place steps that are aimed at ensuring that there is no slavery or human trafficking within our own business and our supply chains. This statement relates to actions and activities during the current financial year.
We are absolutely committed to preventing slavery and human trafficking in our business activities, and to ensuring that our supply chains are free from slavery and human trafficking.

Platinum International & Supply Chain Overview

The automotive supply chain is one of the most complicated of any industry. There are often six to ten levels of suppliers between an automaker and the source of raw materials that enter the manufacturing process, of which we form a part.

The breadth, depth and interconnectedness of the automotive supply chain make it challenging to effectively manage business and sustainability issues. Respecting human rights and environmental issues in the supply chain is ultimately our suppliers’ responsibility. As customers, however, we play an active role in supplier development and have adopted various means to clearly communicate our expectations to our suppliers.

We operate from a number of sites which are based throughout the United Kingdom and typically our customers are businesses in the following channels and sectors:

  • After-Market
  • Agricultural
  • Commercial
  • Fast Fit
  • Golf
  • Industrial
  • Leisure
  • Marine
  • Motor Accessories
  • OE (Original Equipment) / OES (Original Equipment Supply)

As a company, Platinum International supplies automotive parts, such as Batteries, and automotive consumables, such as Oil to an international market. All products that we purchase, within our supply chain, are highly technical products which require a high degree of:

  • Automated specialist production,
  • Consistent product delivery standards, and are typically
  • Tier 1 manufacturers

The above nature of products that we purchase typically defines our supply chain as being not labour intensive, requires specialist operators and is highly automated. For suppliers, this creates barriers to entry without significant financial investment in both machinery and human capital.

Supply Chain Standards

Our supply chains include the sourcing of finished products related to the provision of automotive parts, such as Batteries, and automotive consumables, such as Oil.

We expect all those in our supply chain to comply with our zero tolerance approach to slavery and human trafficking. Suppliers must act ethically and within the law, in their use of labour. Should suppliers become unable to meet this standard, we would look to terminate the business relationship.

In our standard procurement process, we issue purchase orders that incorporate our Terms and Conditions. The T&Cs are further supplemented by Company Policies, which expand on our expectations and suppliers’ obligations on specific topics. For example, our Corporate Governance Policy sets out the prohibition of child labour, forced labour (including human trafficking), physical disciplinary abuse and any infraction of the law. Additionally it also covers our Social Responsibility, Anti-Corruption and our Environmental requirements. Our Corporate Governance Policy seeks to challenge the violation of Human Rights, Basic Working Conditions and uphold good Corporate Responsibility. This is in order to address workplace issues such as working hours, child labour, forced labour, non-discrimination, freedom of association, Health & Safety and environmental concerns.

This policy applies to our own Company and we encourage businesses throughout our supply chain to adopt and enforce similar policies, in their own operations. Furthermore, we seek to identify and do business with companies that have aligned standards consistent with our Corporate Governance Policy.

 

Slavery and Human Trafficking
Slavery and forced labour can take many forms, including human trafficking or child labour. Platinum’s Corporate Governance Policy, clearly states that we will not tolerate forced labour (including human trafficking) or child labour.

In our supply chain we conduct site visits of our manufacturing partners to ensure compliance. These include actions to safeguard against human rights abuses (including forced labour and human trafficking) in our supply chain. For example our Company Policies forbid the use of forced labour, child labour and physically abusive disciplinary practices. Our definition of forced labour is inclusive of human trafficking.

We reserve the right to terminate our relationship with a supplier if issues of non-compliance with our policies are discovered and/or noncompliance is not addressed in a timely manner.

We assess risk related to human trafficking and forced labour associated with our supply base. Our preliminary assessment is based upon the company, the geography, the commodity purchased and the nature of the business transaction. In 2016, as a result of this analysis, we added Indonesia to our list of high-priority countries. The high-priority country list, combined with our assessment history in a given country and engagement with the buying community, is used to prioritise our assessment efforts.

America’s – Argentina, Brazil, Columbia, Dominican Republic, Honduras, Mexico, Nicaragua and Venezuela.

Asia – China, India, Malaysia, the Philippines, Taiwan, Thailand and Vietnam

Europe, Middle East and Africa – Morocco, Romania, South Africa and Turkey

The Company Directors are responsible for compliance in their respective departments and for their supplier relationships.

Relevant Steps

We operate the following policies and procedures to identify modern slavery risks and prevent slavery and human trafficking in its operations:

Whistleblowing Policy
We encourage all our workers, customers and other business partners to report any concerns related to the direct activities, or the supply chains, of the Company. This includes any circumstances that may give rise to an enhanced risk of slavery or human trafficking. Our whistleblowing procedure is designed to make it easy for individuals to make disclosures, without fear of retaliation.

Corporate Governance Policy

The Company’s code makes clear to employees the actions and behaviour expected of them when representing the Company. We strive to maintain the highest standards of employee conduct and ethical behaviour when managing our supply chain.

Recruitment and use of agency staff

We use only specified, reputable employment agencies to source labour and verify the practices of any new agency we use using before accepting workers from that agency.

The Company ensures that all potential employees have the legal right to work in the UK and that relevant employment legislation is adhered to.

Equal Opportunities Policy

The Company operates an Equal Opportunities Policy which reflects our commitment to promoting a working environment that is free from discrimination, harassment and victimisation.  It is Company policy to provide equal employment opportunities to all employees regardless of personal status and to prohibit all forms of discrimination.  In order to achieve this, employment decisions will be based on merit, attributes, abilities and qualifications.

Due Diligence

The company undertakes due diligence when considering taking on new suppliers, and regularly reviews its existing suppliers.

Where possible, we build long standing relationships with local suppliers and make clear our expectations of business behaviour.

We have in place systems to encourage the reporting of concerns and the protection of whistleblowers.

We expect each supplier in the supply chain to, at least, adopt ‘one-up’ due diligence on the next link in the chain. It is not practical for us (and every other participant in the chain) to have a direct relationship with all links in the supply chain.

Performance Indicators

We use the following key performance indicators (KPIs) to measure how effective we have been in ensuring that slavery and human trafficking is not taking place in any part of our business or supply chains:

  • Use of the Whistleblowing Policy in relation to Modern Slavery and Human Trafficking.
  • Reviews of our recruitment and payroll systems to ensure recruitment practices remain legally compliant.
  • Reviews with our direct suppliers to understand the level of communication and personal contact with next link in the supply chain and their understanding of, and compliance with, our expectations.

Training

To ensure a high level of understanding of the risks of modern slavery and human trafficking in our supply chains and our business, we provide training to relevant members of staff.

  • We communicate our policies Corporate Governance and Whistle Blowing with all staff including our Purchasing team. Additionally, our Supply Chain and Procurement Directors regularly visit and assess suppliers to ensure Company policies and legal requirements are adhered to by our Supply Chain partners.
  • We regularly conduct visits of supplier factories to monitor compliance with Platinum’s expectations and legal requirements. If any issues are identified during an audit, the supplier is required to prepare a corrective action plan and resole all violations within an agreed upon time period.

All Directors have been briefed on the subject.

Board Member Approval

This statement has been approved by the Company’s Board of Directors, who will review and update it, where appropriate, annually.

Chris Taylor

Platinum Privacy Notice –

Applicants, Consultants, Employees (including Ex-Employees) and Workers (GDPR 01)

 

The General Data Protection Regulations (GDPR) supports us in looking after your privacy. 

 

We issue this privacy notice in the interests of transparency as to how we use (‘Process’) the personal data that we collect from job applicants, employees, ex-employees, workers and consultants (‘you’). This document details what information the Company stores, who is allowed to see it and how you can change it. Our data security means that we hold all personal data securely and limit access to those who need to see it.

 

This document describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. This Privacy Policy applies to the personal data of our Applicants, Employees and Ex-employees. However, for Website Users, Customers, Suppliers and other people whom we may contact in order to provide our goods and services or for emergency contacts of our Staff you should refer to the Platinum Privacy Notice – Master (GDPR 02) which is available on both the Platinum Intranet and on this website.

 

For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”) and the DPA 2018, the company responsible for your personal data is Platinum International (‘Platinum’ or ‘us). This Privacy Policy applies in relevant countries throughout our international network. We will ensure compliance with all applicable data privacy protection legislation, no matter where you are.

 

It is important to point out that we may amend this Privacy Policy from time to time. To stay up to date, please visit this page to stay up to date, as we will post any changes here.

 

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well.

 

DEFINITIONS

Candidates – includes applicants for all roles advertised by Platinum International, including permanent, part-time and temporary positions; as well as people who have supplied a speculative CV to Platinum International not in relation to a specific job. Individual contractors, freelance workers and employees of suppliers or other third parties put forward for roles with Platinum International will be treated as candidates for the purposes of this Privacy Policy.

 

Company – Platinum International Ltd, the Company’s Subsidiaries or Holding Companies and any Subsidiary of any holding Company.

 

Customers – this category covers our customers, clients, and others to whom Platinum International provides goods and/or services in the course of its business.

 

Data Controller – means the person or organisation who determines the purposes for which and the manner in which any personal data is processed.

 

General Data Protection Regulation (GDPR) – a European Union statutory instrument which aims to harmonise European data protection laws. It has an effective date of 25 May 2018, and any references to it should be construed accordingly to include any national legislation implementing it.

 

Personal data – means any information relating to an identified or identifiable living person.

 

Personal Data – Sensitive/ Special categories – means personal data consisting of information as to:

  1. the racial or ethnic origin of the individual;
  2. their political opinions;
  3. their religious or philosophical beliefs;
  4. their membership of a trade union;
  5. their physical or mental health or condition;
  6. their sexual life;
  7. the commission or alleged commission by them of any offence;
  8. any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings;
  9. genetic data; and
  10. biometric data where processed to uniquely identify a person (for example a photo in an electronic passport).

 

Staff – includes employees and interns engaged directly in the business of Platinum International (or who have accepted an offer to be engaged) as well as certain other workers engaged in the business of providing services to Platinum International (even though they are not classed as employees). Independent contractors and consultants performing services for Platinum International fall within the definition of a ‘Supplier’ for the purposes of this Privacy Policy.

 

Suppliers – refers to partnerships and companies (including sole traders), and atypical workers such as independent contractors and freelance workers, who provide services to Platinum International. In certain circumstances Platinum International will sub-contract the services it provides to Clients to third party suppliers who perform services on Platinum International’s behalf. In this context, suppliers that are individual contractors, freelance workers, or employees of suppliers will be treated as Candidates for data protection purposes. Please note that in this context, Platinum International requires Suppliers to communicate the relevant parts of this Privacy Policy (namely the sections directed at Candidates) to their employees.

 

Website Users – any individual who accesses any of the Platinum International websites.

 

WHAT KIND OF INFORMATION DO WE COLLECT?

  1. As an independent battery and lubricants distributor, we collect personal data from our Website users, Customers, Suppliers and other people. This document deals with the information we collect from Employees, Workers, Applicants and Consultants whom we may contact as part of our day to day business. The information described below is in addition to any personal data we are required by law to process in any given situation.

 

  1. We may collect some or all of the information listed below to enable us to offer you employment opportunities and to manage our employment relationship. In some jurisdictions, we are restricted from processing some of the data outlined below (please note the list is not exhaustive). In such cases, we will not process the data in those jurisdictions:
    1. Name;
    2. Age/date of birth;
    3. Birth number;
    4. Sex/gender;
    5. Photograph;
    6. Marital status;
    7. Contact details;
    8. Education details;
    9. Employment history;
    10. Emergency contacts and details of any dependants;
    11. Referee details;
    12. Immigration status (whether you need a work permit);
    13. Nationality/ citizenship/ place of birth;
    14. A copy of your driving licence and/ or passport/ identity card;
    15. Financial information (where we need to carry out financial background checks);
    16. Social security number (or equivalent in your country) and any other tax-related information;
    17. Diversity information including racial or ethnic origin, religious or other similar beliefs, and physical or mental health, including disability-related information;
    18. Details of any criminal convictions if this is required for a role that you are interested in applying for;
    19. Details about your current remuneration, pensions and benefits arrangements;
    20. Information on your interests (hobbies etc.) and needs, both collected directly and inferred, for example from a job interview;
    21. Extra information that you choose to tell us;
    22. Extra information that your referees choose to tell us about you;
    23. Extra information that we find out, or that we find from other third party sources such as social media and job sites;
    24. IP address;
    25. The dates, times and frequency with which you access our services; and
    26. CCTV footage, if you attend our premises.

 

  1. To the extent that you access our website we will also collect certain data from you (please see our Cookies policy for further information).

 

HOW DO WE COLLECT YOUR INFROMATION?

  1. We collect personal data in a number of ways, but in the it is usually provided by you directly to us, in summary:
    1. Personal data we receive from you:
      1. When you proactively contact us, usually by phone or email and give us personal data. Please note phone calls make to and from any Platinum International controlled location may be logged, monitored or recorded for training, verification or Health & Safety purposes.
      2. When we contact you, by phone, email or through our employees’ (usually a member of our management or Recruitment teams) HR activities.
    2. Personal data we receive from other sources:
      1. As appropriate, we may seek more information about you from other sources, generally by way of due diligence or other market intelligence including from third party market research and by analysing online and offline media (which we may do ourselves, or employ other organisations to do for us); and
      2. From other limited sources and third parties (for example from referees to the extent that they provide us with your details).
    3. Personal data we collect via our website:
      1. When you access our website we may collect your data automatically or through you providing it to us. When you visit our website there is certain information that we may automatically collect, whether or not you decide to use our services. This includes your IP address, the date and the times and frequency with which you access the website and the way you browse its content. We will also collect data from you when you contact us via the website. We also collect your data automatically via cookies, in line with cookie settings in your browser. If you would like to find out more about cookies, including how we use them and what choices are available to you, please see our Cookie Policy on our website.

 

  1. Platinum International needs to know certain information about you in order to consider you for employment or to manage your employment relationship.

 

  1. There are numerous ways you can share your information with us. It all depends on what suits you. These may include:
    1. Entering your details on the Platinum International website or via an application form, as part of the candidate application process;
    2. Leaving or sending a hard copy CV to a Platinum International employee or business location;
    3. Emailing your CV to a Platinum International employee or being interviewed by them;
    4. Applying for a job through a job board, which then redirects you to the Platinum International website;
    5. Entering your personal details into a Platinum International microsite; or
    6. Entering your details through a social media channel such as Facebook or Twitter etc.

 

  1. We also receive personal data about Candidate from other sources. Depending on the relevant circumstances and applicable local laws and requirements, these may include personal data received in the following situations:
    1. Your referees may disclose personal information about you;
    2. Third parties such as customers, suppliers or other know individuals may share personal information about you with us;
    3. We may obtain information about you from searching for potential candidates and applicants from third party sources, such as LinkedIn, Facebook and other job sites;
    4. If you ‘like’ our page on Facebook, Snapchat, Instagram or ‘follow’ us on Twitter etc. we will receive your personal information from those sites; and
    5. If you were referred to us through a recruitment agency, they may share personal information about you with us.

 

  1. We use CCTV in and around all our Company controlled buildings and locations to monitor your behaviour and for security and Health & Safety purposes. In addition, we use locational tracking devices in company computers, phones and in Company controlled vehicles to monitor a device’s physical location for the purposes of performance management reviews, security, Health & Safety information and for delivery information purposes which may be supplied to third parties within Europe (EEA). For identification purposes we may use your image on your training record to demonstrate your particular training requirement and competence level or on identification cards/ badges. In addition, we may use colleague images along with your name and work location to acknowledge significant Birthdays or work anniversaries for marketing purposes and in the Company magazine, the ‘Platinum Post’.

 

  1. Personal data we collect automatically, when you access our website or read or click on an email from us, where appropriate we may also collect your data automatically or through you providing it to us.

 

HOW WILL YOUR INFORMATION BE USED?

  1. As your employer, ex-employer or potential employer, the Company needs to keep and process information about you for normal employment purposes. All such personal information is protected by law under the General Data Protection Regulations (GDPR). The information we hold and process will be used for our management and administrative use only. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, during the recruitment process, whilst you are working for us, at the time when your employment ends and after you have left. This includes using information to enable us to comply with the employment contract, to comply with any legal requirements, pursue the legitimate interests of the Company and to protect our legal position in the event of legal proceedings. There is no strict requirement for you to provide this data, but if you do not we may be unable, in some circumstances, to comply with our obligations and it will not be practically possible to employ you. However, we would tell you about the implications of that decision.

 

  1. Much of the information we hold will have been provided by you, but some may come from other internal sources, such as your manager, or in some cases, external sources, such as referees. External sources of personal data that have been provided by you may include information from social media accounts.

 

  1. The sort of information we hold includes your application form and references, your contract of employment and any amendments to it; correspondence with or about you, for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary; information such as Driving Licence and Vehicle Insurance Declaration for both you and other individuals who may drive under the Company’s vehicle insurance scheme; information needed for payroll, pension administration, benefits and expenses purposes; contact and emergency contact details; records of holiday, sickness and other absence; information needed for the equal opportunities monitoring policy; and records relating to your career history, such as training and capability records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.

 

  1. You will, of course, inevitably be referred to in many Company documents and records that are produced by you and your colleagues in the course of carrying out your duties and the business of the Company. You should refer to the Data Protection Policy which is available on our website, on the Company intranet (under Company Information) or in paper format from Platinum International Ltd, Platinum House, Bailey Road, Trafford Park, Manchester. M17 1SA.

 

  1. Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes, hospital letters and occupational health reports. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay, make other statutory payments such as maternity pay etc., private health insurance and Company vehicle driving assessments, DVLA vehicle licence and company vehicle insurance checks.

 

  1. We monitor company equipment and services such as computers, internet usage, Platinum email, desk telephone and mobile telephone use, as detailed in our various Company policies and available on the Company’s intranet. We also keep records of your hours of work by way of our Time and Attendance systems and processes.

 

  1. We do not use automated decision making (including profiling) in our systems.

 

  1. If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.

 

OUR LEGAL BASES FOR PROCESSING YOUR DATA?

  1. Our legal basis for processing personal data of applicants, employees and ex-employees is that:
    1. Processing of some elements of sensitive personal data is carried out with ‘consent’ in order for us to undertake equal opportunities monitoring, medical surveillance in order for us to make reasonable disability adjustments.
    2. Processing the personal data is necessary for the purpose of carrying out the employment ‘contract’ or to take steps to enter into an employment contract;
    3. Processing is necessary to comply with a ‘legal obligation’ (for example, we are obliged under employment law to include in a written statement of employment terms with the identity of the parties to the employment contract);
    4. Processing the data is necessary to protect the ‘vital interests’ of an individual (for example we are legally responsible for the health and safety of staff and job applicants (when they are on our premises) and so it is necessary to process data relating to those individuals for that reason); and/or
    5. Processing the data is necessary for the purposes of our ‘legitimate interests’ as the data controller (except where such interests are overridden by the interests, rights or freedoms of the individual).
      1. Our ‘legitimate interests’ for these purposes are:
        1. The need to process data on applicants and staff for the purposes of assessing suitability for employment and then carrying out the employment contract;
        2. The need to gather data for the purposes of safeguarding the health and safety of job applicants and employees;
        3. The need to transfer employee data intra-group for administrative purposes; and
        4. The need to process employee data for the purposes of ensuring network and information security.

 

  1. As a company, we may sometimes need to process your data to pursue our legitimate business interests, for example to prevent fraud, administrative purposes or reporting potential crimes. The nature of our legitimate interests mean that we process employee, customer and supplier etc. data. During the course of our business we deal with payments, products (in the main batteries and lubricants) and third parties (including external authorities). We will never process your data where these interests are overridden by your own interests.

 

  1. Where we process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent, such as for equal opportunities monitoring. Unless this is not required by law, such as proof of the Right to Work or the information is required to protect your health in an emergency.

 

  1. Where we are processing data based on your consent, you have the right to withdraw that consent at any time. Platinum International will only hold information which relates to you for the purposes of identity or well-being. For example, we may hold information on you which relates to your ethnic origin but not your political opinions. We may also hold information on you which relates to your physical or mental health condition but not your religious beliefs. With your permission, some of our roles and some of our customers require us to carry out comprehensive security checks which require checking if you have any criminal convictions.

 

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

  1. Where appropriate we may share your personal data, in various ways and for various reasons, with the following categories of people:
    1. Any of our group companies;
    2. Individuals and organisations who hold information related to a business reference or application to do business with us, such as current or past suppliers, customers and insurers etc.;
    3. Tax, audit, or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation);
    4. Third party service providers who perform functions on our behalf (including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);
    5. Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place;

 

  1. Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information to our external payroll provider, pension or health insurance schemes. For example:
    1. Our external payroll provider: Wilds CCA;
    2. Our pension provider: Now: Pensions;
    3. Government organisations such as CSA, Police, HMRC, DVLA, Environment Agency and the HSE;
    4. Approved medical providers;
    5. Other employers for the purposes of obtaining and giving references;
    6. Healthcare providers;
    7. Insurance providers;
    8. Financial auditors;
    9. Our customers upon request for the purpose of site and project work e.g. CVs; and
    10. Licence Plate recognition schemes such as Congestion charge zones etc.

 

  1. Other than as mentioned above, where appropriate we may share your personal data in various ways and for various reasons, with the following categories of people:
    1. Any of our group companies for purposes connected with your employment or the management of the Company’s business;
    2. Individuals and organisations who hold information related to your reference or application to join us, such as current or past employers, educators and examining bodies, and employment agencies;
    3. Tax, audit, or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation);
    4. Third party service providers who perform functions on our behalf (including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);
    5. Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place;
    6. Marketing technology platforms and suppliers;
    7. In the case of candidates and prospective members of Staff’s referees: third parties who we have retained to provide services such as reference, qualification and criminal convictions checks, to the extent that these checks are appropriate; and
    8. If Platinum International merges with or is acquired by another business or company in the future, (or is in meaningful discussions about such a possibility) we may share your personal data with the (prospective) new owners of the business or company.

 

  1. In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements. We have in place safeguards including password protection, virus checking and Websense/ ForcePoint etc. to ensure destination and sender checks are passed etc. to ensure the security of your data.

 

HOW DO WE SAFEGUARD YOUR PERSONAL DATA?

  1. We are committed to taking all reasonable and appropriate steps to protect the personal information that we hold from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures. These include measures to deal with any suspected data breach.

 

  1. If you suspect any misuse or loss of or unauthorised access to your personal information please let us know immediately. Details of how to contact us can be found here.

 

HOW DO WE STORE AND TRANSFER YOUR DATA INTERNATIONALLY?

  1. To enable us to conduct international business, your data may be transferred:
    1. between and within Platinum International entities and employees;
    2. to third parties (such as suppliers, customers and advisors to the Platinum International business);
    3. to a cloud-based storage provider; and
    4. to other third parties, as referred to here.

 

  1. We want to make sure that your data are stored and transferred in a way which is secure. We will therefore only transfer data outside of the European Economic Area or EEA (i.e. the Member States of the European Union, together with Norway, Iceland and Liechtenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data or where it is necessary for the conclusion:
    1. For the performance of a contract between ourselves and a third party and the transfer is in your interests for the purposes of that contract (for example, if we need to transfer data outside the EEA in order to meet our obligations under that contract if you are a customer or supplier of ours); or
    2. where you have consented to the data transfer.

 

  1. To ensure that your personal information receives an adequate level of protection, we have put in place appropriate procedures with the third parties we share your personal data with to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the law on data protection.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

  1. We will keep Employee personal data for no longer than is necessary, having regard to the original purpose for which the data was processed. In some cases we will be legally obliged to keep your data for a set period. Your personal employment data will be stored for a period of seven (7) years in normal circumstances. However it may be retained for longer periods in the event of an ongoing legal claim or for up to thirty (30) years for ongoing health monitoring purposes.

 

  1. We will delete candidate personal data from our systems if we have not had any meaningful contact with you for two years (or for such longer period as we believe in good faith that the law or relevant regulators require us to preserve your data). After this period, it is likely your data will no longer be relevant for the purposes for which it was collected.

 

  1. When we refer to “meaningful contact”, we mean, for example, communication between us (either verbal or written), or where you are actively engaging with our online services. If you are a Candidate we will consider there to be meaningful contact with you if you submit or have your CV submitted by a third party to us. We will also consider it meaningful contact if you communicate with us about potential roles, either by verbal or written communication or click through from any of our marketing communications. Your receipt, opening or reading of an email or other digital message from us will not count as meaningful contact – this will only occur in cases where you click-through or reply directly.

 

YOUR RIGHTS – HOW TO ACCESS, AMEND OR TAKE BACK THE PERSONAL DATA

  1. One of the General Data Protection Regulation’s (GDPR’s) main objectives is to protect and clarify the rights of EU citizens and individuals in the EU with regards to data privacy. Under the GDPR and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. In summary of the below:
    1. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability. This means that you retain various rights in respect of your personal data, even once you have given it to us. These are described in more detail below.
    2. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
    3. We can refuse to comply with any request if we can demonstrate compelling and legitimate grounds for processing, which override your interests, rights and freedoms or where there is another legitimate or legal reason for keeping the data. These include but are not limited to where we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms; or if the processing is for the establishment, exercise or defence of legal claims.

 

  1. To get in touch about these rights, please contact us (for further information please see the ‘Complaints’ section). We will seek to deal with your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled). Please note that we may keep a record of your communications to help us resolve any issues which you raise.

 

  1. Right to object: this right enables you to object to us processing your personal data where we do so for one of the following four reasons: (i) our legitimate interests; (ii) to enable us to perform a task in the public interest or exercise official authority; (iii) to send you direct marketing materials; and (iv) for scientific, historical, research, or statistical purposes.

 

  1. The “legitimate interests” and “direct marketing” categories above are the ones most likely to apply to our Website Users, Customers and Suppliers. If your objection relates to us processing your personal data because we deem it necessary for your legitimate interests, we must act on your objection by ceasing the activity in question unless:
    1. we can show that we have compelling legitimate grounds for processing which overrides your interests; or
    2. we are processing your data for the establishment, exercise or in the defence of a legal claim.

 

  1. If your objection relates to direct marketing, we must act on your objection by ceasing this activity.

 

  1. Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for our marketing activities), you may withdraw this consent at any time and we will cease to carry out the particular activity that you previously consented to unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose in which case we will inform you of this condition.

 

  1. Data Subject Access Requests (DSAR): You may ask us to confirm what information we hold about you at any time, and request us to modify, update or delete such information. We may ask you to verify your identity and for more information about your request. If we provide you with access to the information we hold about you, we will not charge you for this unless your request is “manifestly unfounded or excessive”. If you request further copies of this information from us, we may charge you a reasonable administrative cost where legally permissible. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.

 

  1. Right to erasure: You have the right to request that we erase your personal data in certain circumstances. Normally, the information must meet one of the following criteria:
    1. the data are no longer necessary for the purpose for which we originally collected and/ or processed them;
    2. where previously given, you have withdrawn your consent to us processing your data, and there is no other valid reason for us to continue processing;
    3. the data has been processed unlawfully (i.e. in a manner which does not comply with the GDPR);
    4. it is necessary for the data to be erased in order for us to comply with our legal obligations as a data controller; or
    5. if we process the data because we believe it necessary to do so for our legitimate interests, you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.

 

  1. We would only be entitled to refuse to comply with your request for one of the following reasons:
    1. to exercise the right of freedom of expression and information;
    2. to comply with legal obligations or for the performance of a public interest task or exercise of official authority;
    3. for public health reasons in the public interest;
    4. for archival, research or statistical purposes; or
    5. to exercise or defend a legal claim.

 

  1. When complying with a valid request for the erasure of data we will take all reasonably practicable steps to delete the relevant data.

 

  1. Right to restrict processing: You have the right to request that we restrict our processing of your personal data in certain circumstances. This means that we can only continue to store your data and will not be able to carry out any further processing activities with it until either: (i) one of the circumstances listed below is resolved; (ii) you consent; or (iii) further processing is necessary for either the establishment, exercise or defence of legal claims, the protection of the rights of another individual, or reasons of important EU or Member State public interest.

 

  1. The circumstances in which you are entitled to request that we restrict the processing of your personal data are:
    1. where you dispute the accuracy of the personal data that we are processing about you. In this case, our processing of your personal data will be restricted for the period during which the accuracy of the data is verified;
    2. where you object to our processing of your personal data for our legitimate interests. Here, you can request that the data be restricted while we verify our grounds for processing your personal data;
    3. where our processing of your data is unlawful, but you would prefer us to restrict our processing of it rather than erasing it; and
    4. where we have no further need to process your personal data but you require the data to establish, exercise, or defend legal claims.

 

  1. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.

 

  1. Right to rectification: You also have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. Where appropriate, we will also tell you which third parties we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.

 

  1. Right of data portability: If you wish, you have the right to transfer your personal data between data controllers. In effect, this means that you are able to transfer your Platinum International account details to another online platform. To allow you to do so, we will provide you with your data in a commonly used machine-readable format that is password-protected so that you can transfer the data to another online platform. Alternatively, we may directly transfer the data for you. This right of data portability applies to: (i) personal data that we process automatically (i.e. without any human intervention); (ii) personal data provided by you; and (iii) personal data that we process based on your consent or in order to fulfil a contract.

 

  1. Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority. Details of how to contact them can be found in the ‘Complaints’ section).

 

  1. If you would like to exercise any of these rights, or withdraw your consent to the processing of your personal data (where consent is our legal basis for processing your personal data), details of how to contact us can be found in the ‘Complaints’ section. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

 

  1. You may ask to unsubscribe from your marketing activities at any time.

 

  1. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold your data.

 

COMPLAINTS

  1. If you think we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data, you have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will then inform you of the progress and outcome of your complaint. The supervisory authority in the UK is the Information Commissionaire’s Office (ICO).

 

  1. Platinum International Ltd and Platinum International BV (Platinum International Ltd, Platinum House, Bailey Rd, Trafford Park, Manchester, M17 1SA. Company Registration Number 4397197) is the controller and processor of data for the purposes of the DPA 18 and GDPR.

 

  1. If you have any concerns as to how your data is processed you can contact: Mark Broomhead – HR, Quality & Systems Manager at GDPR@platinuminternational.com or you can write using the address of Platinum International Ltd, Platinum House, Bailey Rd, Trafford Park, Manchester, M17 1SA.

 

  1. You can notify Platinum International Ltd of any changes to your personal data, by contacting the HR Department or emailing HR@platinuminternational.com

 

  1. Please sign below to confirm your understanding of the Company holding such information on file, for as long as it considers necessary to fulfil the purpose for which it was obtained and to processing (including disposing and destroying). Data will be stored in accordance with the eight Data Protection Principles and the other requirements of the Act and any other procedures laid down by the Company for this purpose from time to time.

Data Protection Policy – for Employees, Workers and Consultants (HR28)

The ‘Company’ – Platinum International Ltd, the Company’s Subsidiaries or Holding Companies and any Subsidiary of any Holding Company.

1 Overview
1.1 The Company takes the security and privacy of your data seriously. We need to gather and use information or ‘data’ about you as part of our business and to manage our relationship with you. We intend to comply with our legal obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security. We have a duty to notify you of the information contained in this policy.

1.2 This policy applies to current and former employees, workers, volunteers, apprentices and consultants. If you fall into one of these categories then you are a ‘data subject’ for the purposes of this policy. You should read this policy alongside your contract of employment (or contract for services) and any other notice we issue to you from time to time in relation to your data.

1.3 The Company has measures in place to protect the security of your data in accordance with our Data Security Policy. A copy of this can be obtained from the Company’s intranet under Company information or alternative from the HR department.

1.4 The company will hold data in accordance with our Data Retention Policy. A copy of this can be obtained from the Company’s intranet under Company information or alternative from the HR department. We will only hold data for as long as necessary for the purposes for which we collected it.

1.5 The Company is a ‘Data Controller’ for the purposes of your personal data. This means that we determine the purpose and means of the processing of your personal data.

1.6 This policy explains how the Company will hold and process your information. It explains your rights as a data subject. It also explains your obligations when obtaining, handling, processing or storing personal data in the course of working for, or on behalf of, the Company.

1.7 This policy does not form part of your contract of employment (or contract for services if relevant) and can be amended by the Company at any time. It is intended that this policy is fully compliant with the 2018 Act and the GDPR. If any conflict arises between those laws and this policy, the Company intends to comply with the 2018 Act and the GDPR.

2 Data Protection Principles
2.1 Personal data must be processed in accordance with six ‘Data Protection Principles.’ It must:
• be processed fairly, lawfully and transparently;
• be collected and processed only for specified, explicit and legitimate purposes;
• be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
• be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
• not be kept for longer than is necessary for the purposes for which it is processed; and
• be processed securely.

We are accountable for these principles and must be able to show that we are compliant.
3 How we define Personal Data
3.1 ‘Personal data’ means information which relates to a living person who can be identified from that data (a ‘data subject’) on its own, or when taken together with other information which is likely to come into our possession. It includes any expression of opinion about the person and an indication of the intentions of us or others, in respect of that person. It does not include anonymised data.

3.2 This policy applies to all personal data whether it is stored electronically, on paper or on other materials.

3.3 This personal data might be provided to us by you, or someone else (such as a former employer, your doctor, or a credit reference agency), or it could be created by us. It could be provided or created during the recruitment process or during the course of the contract of employment (or services) or after its termination. It could be created by your manager or other colleagues.

3.4 We will collect and use the following types of personal data about you:
• recruitment information such as your application form and CV, references, qualifications and membership of any professional bodies and details of any pre-employment assessments;
• your contact details and date of birth;
• the contact details for your emergency contacts;
• your gender;
• your marital status and family details;
• information about your contract of employment (or services) including start and end dates of employment, role and location, working hours, details of promotion, salary (including details of previous remuneration), pension, benefits and holiday entitlement;
• your bank details and information in relation to your tax status including your national insurance number;
• your identification documents including passport and driving licence and information in relation to your immigration status and right to work for us;
• information relating to disciplinary or grievance investigations and proceedings involving you (whether or not you were the main subject of those proceedings);
• information relating to your performance and behaviour at work;
• training records;
• electronic information in relation to your use of IT systems/swipe cards/telephone systems;
• health and safety records;
• your images (whether captured on CCTV, by photograph or video); and
• any other category of personal data which we may notify you of from time to time.

4 How we define special categories of personal data
4.1 ‘Special categories of personal data’ are types of personal data consisting of information as to:
• your racial or ethnic origin;
• your political opinions;
• your religious or philosophical beliefs;
• your trade union membership;
• your genetic or biometric data;
• your health;
• your sex life and sexual orientation; and
• any criminal convictions and offences.

We may hold and use any of these special categories of your personal data in accordance with the law.

5 How we define processing
5.1 ‘Processing’ means any operation which is performed on personal data such as:
• collection, recording, organisation, structuring or storage;
• adaption or alteration;
• retrieval, consultation or use;
• disclosure by transmission, dissemination or otherwise making available;
• alignment or combination; and
• restriction, destruction or erasure.

This includes processing personal data which forms part of a filing system and any automated processing.

6 How will we process your personal data?
6.1 The Company will process your personal data (including special categories of personal data) in accordance with our obligations under the 2018 Act.

6.2 We will use your personal data for:
• performing the contract of employment (or services) between us;
• complying with any legal obligation; or
• if it is necessary for our legitimate interests (or for the legitimate interests of someone else). However, we can only do this if your interests and rights do not override ours (or theirs). You have the right to challenge our legitimate interests and request that we stop this processing. See details of your rights in section 12 below.

We can process your personal data for these purposes without your knowledge or consent. We will not use your personal data for an unrelated purpose without telling you about it and the legal basis that we intend to rely on for processing it.

If you choose not to provide us with certain personal data you should be aware that we may not be able to carry out certain parts of the contract between us. For example, if you do not provide us with your bank account details we may not be able to pay you. It might also stop us from complying with certain legal obligations and duties which we have such as to pay the right amount of tax to HMRC or to make reasonable adjustments in relation to any disability you may suffer from.

7 Examples of when we might process your personal data
7.1 We have to process your personal data in various situations during your recruitment, employment (or engagement) and even following termination of your employment (or engagement).

7.2 For example (and see section 7.6 below for the meaning of the asterisks):
• to decide whether to employ (or engage) you;
• to decide how much to pay you, and the other terms of your contract with us;
• to check you have the legal right to work for us;
• to carry out the contract between us including where relevant, its termination;
• training you and reviewing your performance*;
• to decide whether to promote you;
• to decide whether and how to manage your performance, absence or conduct*;
• to carry out a disciplinary or grievance investigation or procedure in relation to you or someone else;
• to determine whether we need to make reasonable adjustments to your workplace or role because of your disability*;
• to monitor diversity and equal opportunities*;
• to monitor and protect the security (including network security) of the Company, of you, our other staff, customers and others;
• to monitor and protect the health and safety of you, our other staff, customers and third parties*;
• to pay you and provide pension and other benefits in accordance with the contract between us*;
• paying tax and national insurance;
• to provide a reference upon request from another employer;
• to pay trade union subscriptions*;
• monitoring compliance by you, us and others with our policies and our contractual obligations*;
• to comply with employment law, immigration law, health and safety law, tax law and other laws which affect us*;
• to answer questions from insurers in respect of any insurance policies which relate to you*;
• running our business and planning for the future;
• the prevention and detection of fraud or other criminal offences;
• the prevention and detection of motoring offences;
• to defend the Company in respect of any investigation or litigation and to comply with any court or tribunal orders for disclosure*; and
• for any other reason which we may notify you of from time to time.

7.3 We will only process special categories of your personal data (see above) in certain situations in accordance with the law. For example, we can do so if we have your explicit consent. If we asked for your consent to process a special category of personal data then we would explain the reasons for our request. You do not need to consent and can withdraw consent later if you choose by contacting the HR Department.

7.4 We do not need your consent to process special categories of your personal data when we are processing it for the following purposes, which we may do:
• where it is necessary for carrying out rights and obligations under employment law;
• where it is necessary to protect your vital interests or those of another person where you/they are physically or legally incapable of giving consent;
• where you have made the data public;
• where processing is necessary for the establishment, exercise or defence of legal claims; and
• where processing is necessary for the purposes of occupational medicine or for the assessment of your working capacity.

7.5 We might process special categories of your personal data for the purposes in paragraph 7.2 above which have an asterisk beside them. In particular, we will use information in relation to:
• your race, ethnic origin, religion, sexual orientation or gender to monitor equal opportunities;
• your sickness absence, health and medical conditions to monitor your absence, assess your fitness for work, to pay you benefits, to comply with our legal obligations under employment law including to make reasonable adjustments and to look after your health and safety; and
• your trade union membership to pay any subscriptions and to comply with our legal obligations in respect of trade union members.

7.6 We do not take automated decisions about you using your personal data or use profiling in relation to you.

8 Sharing your personal data
8.1 Sometimes we might share your personal data with group companies or our contractors and agents to carry out our obligations under our contract with you or for our legitimate interests.

8.2 We require those companies to keep your personal data confidential and secure and to protect it in accordance with the law and our policies. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.

8.3 The legitimate activities which third parties undertake for the Company include (but are not limited to) Payroll provision, Pension, Insurance brokerage (vehicle, health, and travel etc.), Legal services, Mobile phone providers, IT data storage provision (including cloud based storage) and accreditation bodies such as ISO.

8.4 We do not send your personal data outside the European Economic Area. If this changes you will be notified of this and the protections which are in place to protect the security of your data will be explained.

9 How should you process personal data for the Company?
9.1 Everyone who works for, or on behalf of, the Company has some responsibility for ensuring data is collected, stored and handled appropriately, in line with this policy and the Company’s Data Security and Data Retention policies.

9.2 The person responsible for data protection in the Company is Mark Broomhead (HR, Quality & Systems Manager) who is responsible for reviewing this policy and updating the Board of Directors on the Company’s data protection responsibilities and any risks in relation to the processing of data. You should direct any questions in relation to this policy or data protection to this person.

9.3 You should only access personal data covered by this policy if you need it for the work you do for, or on behalf of the Company and only if you are authorised to do so. You should only use the data for the specified lawful purpose for which it was obtained.

9.4 You should not share personal data informally.

9.5 You should keep personal data secure and not share it with unauthorised people.

9.6 You should regularly review and update personal data which you have to deal with for work. This includes telling us if your own contact details change.

9.7 You should not make unnecessary copies of personal data and should keep and dispose of any copies securely.

9.8 You should use strong passwords.

9.9 You should lock your computer screens when not at your desk.

9.10 Personal data, if stored electronically should be held in secure drives or in password protected folders. Furthermore, it should be encrypted before being transferred electronically to authorised external contacts (please speak to IT for more information on how to do this).

9.11 Personal data, if stored in hard copy should be kept secure in lockable files and cabinets. When being disposed of, it is to be shredded.

9.12 Consider anonymising data or using separate keys/ codes so that the data subject cannot be identified.

9.13 Do not save personal data to your own personal computers or other devices.

9.14 Personal data should never be transferred outside the European Economic Area except in compliance with the law and authorisation of the person responsible for data protection (Mark Broomhead).

9.15 You should lock drawers and filing cabinets. Do not leave paper with personal data lying about.

9.16 You should not take personal data away from Company’s premises without authorisation from your line manager or the person responsible for data protection.

9.17 Personal data should be shredded and disposed of securely when you have finished with it.

9.18 You should ask for help from the person responsible for data protection if you are unsure about data protection or if you notice any areas of data protection or security we can improve upon.

9.19 Any deliberate or negligent breach of this policy by you may result in disciplinary action being taken against you in accordance with our disciplinary procedure.

9.20 It is a criminal offence to conceal or destroy personal data which is part of a subject access request (see below). This conduct would also amount to gross misconduct under our disciplinary procedure, which could result in your dismissal.

10 How to deal with data breaches
10.1 We have robust measures in place to minimise and prevent data breaches from taking place. Should a breach of personal data occur (whether in respect of you or someone else) then we must take notes and keep evidence of that breach. If the breach is likely to result in a risk to the rights and freedoms of individuals then we must also notify the Information Commissioner’s Office within 72 hours.

10.2 If you are aware of a data breach you must contact the person responsible for data protection (Mark Broomhead) immediately and keep any evidence you have in relation to the breach.

11 Subject Access Requests
11.1 Data subjects can make a ‘Subject Access Request’ (‘SAR’) to find out the information we hold about them. This request must be made in writing. If you receive such a request you should forward it immediately to the person responsible for data protection who will coordinate a response.

11.2 If you would like to make a SAR in relation to your own personal data you should make this in writing to (Mark Broomhead). We must respond within one month unless the request is complex or numerous in which case the period in which we must respond can be extended by a further two months.

11.3 There is no fee for making a SAR. However, if your request is manifestly unfounded or excessive we may charge a reasonable administrative fee or refuse to respond to your request.

12 Your data subject rights
12.1 You have the right to information about what personal data we process, how and on what basis as set out in this policy.

12.2 You have the right to access your own personal data by way of a subject access request (see above).

12.3 You can correct any inaccuracies in your personal data. To do you should contact the person responsible for data (Mark Broomhead).

12.4 You have the right to request that we erase your personal data where we were not entitled under the law to process it or it is no longer necessary to process it for the purpose it was collected. To do so you should contact Mark Broomhead.

12.5 While you are requesting that your personal data is corrected or erased or are contesting the lawfulness of our processing, you can apply for its use to be restricted while the application is made. To do so you should contact Mark Broomhead.

12.6 You have the right to object to data processing where we are relying on a legitimate interest to do so and you think that your rights and interests outweigh our own and you wish us to stop.

12.7 You have the right to object if we process your personal data for the purposes of direct marketing.

12.8 You have the right to receive a copy of your personal data and to transfer your personal data to another data controller. We will not charge for this and will in most cases aim to do this within one month.

12.9 With some exceptions, you have the right not to be subjected to automated decision-making.

12.10 You have the right to be notified of a data security breach concerning your personal data.

12.11 In most situations we will not rely on your consent as a lawful ground to process your data. If we do however request your consent to the processing of your personal data for a specific purpose, you have the right not to consent or to withdraw your consent later. To withdraw your consent, you should contact Mark Broomhead.

12.12 You have the right to complain to the Information Commissioner. You can do this be contacting the Information Commissioner’s Office directly. Full contact details including a helpline number can be found on the Information Commissioner’s Office website (www.ico.org.uk). This website has further information on your rights and our obligations.

Featured Articles