Personal Data Protection in the Workplace promoting the awareness of data protection in Singapore, and administrating and enforcing the PDPA.

Size: px
Start display at page:

Download "Personal Data Protection in the Workplace promoting the awareness of data protection in Singapore, and administrating and enforcing the PDPA."

Transcription

1 15 With the Personal Data Protection Act ( PDPA ) coming into full force on 2 July 2014, it is time for employers to revise workplace policies to ensure that they comply with the new legislation and adequately protect their employees personal data. In this article, we highlight the relevant obligations under the PDPA arising in the employment context according to the typical cycle of an employment relationship. Personal Data Protection in the Workplace promoting the awareness of data protection in Singapore, and administrating and enforcing the PDPA. The Commission has issued fi ve sets of Advisory Guidelines: 1. The Advisory Guidelines on Key Concepts in the PDPA (the Key Concepts Guidelines ); 2. The Advisory Guidelines on the PDPA for Selected Topics (the Selected Topics Guidelines ); 3. The Advisory Guidelines on the Do Not Call Provisions; 4. The Advisory Guidelines for the Telecommunications Sector; and 5. The Advisory Guidelines for the Real Estate Agency Sector. Background As many of us would know by now, the PDPA is a baseline data protection framework which applies to all organisations which collect, use and disclose personal data in Singapore. To set the context for this article, it is helpful to understand the key concepts used in the PDPA. Organisation is defi ned in the legislation to include any individual, company, association or body of persons, corporate or unincorporated, whether or not formed or recognised under the law of Singapore. In light of this broad definition, most employers will fall within it and, therefore, have to comply with the obligations set out in the PDPA. The term personal data is also defi ned broadly. It includes data, whether true or not, about an individual which can be used to identify the person. 1 Information that does not directly identify the individual may still be considered personal data if it can identify the individual when combined with other information that the organisation has or is likely to have access to. The PDPA also establishes a Personal Data Protection Commission (the Commission ) whose functions include On 16 May 2014, the Personal Data Protection Regulations ( PDPR ) were gazetted. The PDPR expands on the PDPA s Access and Correction Obligation and Transfer Obligation. The revised Key Concepts Guidelines were also published and provide examples in relation to the PDPR. Public consultations for two other Advisory Guidelines, namely the Advisory Guidelines for the Education, Healthcare and Social Service Sectors and the Selected Topics Guidelines (photography), were recently concluded. While these Advisory Guidelines are not legally binding, they provide an indication as to how the Commission will interpret the PDPA. As such, it is important for organisations to be familiar with these non-binding guidelines. To Hire or Not to Hire Recruitment Process Designing the Appropriate Application Form At the pre-employment stage, it is often necessary for job-seekers to submit a job application form. The PDPA imposes an obligation on employers to obtain the applicants consent before collecting, using or disclosing their personal data (the Consent Obligation ). 2 An applicant is not taken to have consented unless he has been notifi ed of the

2 16 purposes for which his personal data will be collected, used or disclosed (the Notifi cation Obligation ). 3 Nevertheless, when an applicant voluntarily provides his personal data to the employer in the form of a job application, he may be deemed to consent to the employer collecting, using and disclosing the personal data for the purpose of assessing his job application. 4 What Information Should be Requested? Employers should refrain from requiring job applicants to provide personal data that are not relevant to the job they are applying for or to the employers decision of hiring them. Personal data should only be collected, used or disclosed for purposes that a reasonable person would consider appropriate in the circumstances (the Purpose Limitation Obligation ). 5 Where an employee-to-be voluntarily provides personal data knowing the purpose for which such personal data is provided, and the circumstances are such that it is reasonable for the individual to have provided his personal data, he may be deemed to have consented to the collection and use of his personal data for the said purpose. Getting to Know the Job Applicants Before the First Interview It is common for employers to conduct due-diligence checks on prospective employees. This may be done in a number of ways. One of the ways is to conduct a search on publicly available material on the job applicants. Employers who have the habit of doing so will be happy to know that they need not obtain the applicants consent if the personal data is publicly available. 6 Due to the volatility of information on the internet, the Commission allows employers to use and disclose an individual s personal data even if the data is no longer publicly available so long as it was publicly available at the point of collection. Another way of conducting checks is to obtain references from the applicants former employers. To the extent that personal data is collected and used only for evaluative purposes, the applicant s consent is not required. 7 However, some former employers may nevertheless require requests for references to be made by the applicant himself, as a means of checking on the legitimacy of such requests from third parties. Ensuring Accuracy The employer also has an obligation to make a reasonable effort to ensure that the personal data collected is accurate and complete if the data is likely to be used by the company to make a decision that affects the individual or is likely to be disclosed by the organisation to another organisation (the Accuracy Obligation ). 8 If the personal data is provided by the individual and supported by documents such as his identifi cation card or academic transcripts, the employer will be able to verify the accuracy of the personal data. However, if the employer is uncertain about the accuracy of the personal data, he may require the individual to make a verbal or written declaration that the data provided is accurate and complete. Dealing with Personal Data of Unsuccessful Applicants For unsuccessful applicants, employers should only retain their personal data if there is a reasonable purpose for doing so or if it is necessary for any legal or business purposes (the Retention Limitation Obligation ). 9 For example, the employer may wish to retain personal data to consider the applicants for future job vacancies. If so, the applicants should be informed of this intended purpose and their consent should be sought for their personal data to be kept for such purpose. You re Hired! Commencement of Employment After the applicant has been employed, the employer may require additional information about him not provided in the job application form. Similarly, in relation to the additional personal data, the employer will have to notify its employees of the purposes for the collection, use or disclosure of the personal data and obtain their consent. However, there are two exceptions to the general obligations that are applicable in the employment context: the evaluative purposes exception and the managing and terminating an employment relationship exception. The Evaluative Purposes Exception Employers may collect, use and disclose personal data without obtaining the employees consent or notifying them where it is necessary for evaluative purposes. 10 Evaluative purposes include the determination of the suitability or eligibility of an individual to whom the data relate for employment, continuance in employment or promotion. The Managing and Terminating an Employment Relationship Exception Employers are permitted to collect personal data of employees without their consent if the collection is reasonable for the purpose of managing or terminating an employment relationship. 11 The use or disclosure of such personal data is also allowed if it is consistent with the purpose of the collection. 12 However, employers must still notify their employees of the purposes of such collection, use or disclosure.

3 17 The Selected Topics Guidelines provided four examples of purposes that could fall within the meaning of managing and terminating an employment relationship: 1. Using the employee s bank account details to issue salaries; 2. Monitoring how the employee uses company computer network resources; 3. Posting employees photographs on the staff directory page on the company intranet; or 4. Managing staff benefi t schemes like training or educational subsidies. This employee exemption is special to some jurisdictions, but not available in others. Apart from Singapore, one other example is Australia, where employee records held by a private sector employer are given a limited exemption from its Privacy Act. 13 Employers in Australia are also not obliged to grant employees access to their records. In contrast, Singapore s employee exemption does not abrogate the access and correction obligations of employers which will be discussed below. Other jurisdictions such as Hong Kong, Malaysia and Philippines do not have specifi c exemptions relating to employee data. In practice, it may be diffi cult to distinguish between the exception for the purpose of managing or terminating an employment relationship and the exception for evaluative purposes. The Selected Topics Guidelines illustrate that if an employer collects information about the work an employee has done in order to decide whether to promote him, this situation is covered under the evaluative purposes exception and no consent or notifi cation is needed. If information is collected to conduct audits on the employee s fi nance claims, the purpose is to manage or terminate the employment relationship and the employee must be notifi ed that his personal data is being collected for audit purposes. Even if a situation falls within an exception under the PDPA, employers should be mindful of their other legal obligations, such as the need to protect confi dential information of their employees under their employment contracts (if any) and their duties at common law. that employers design security arrangements according to the nature of the personal data held and the possible harm resulting from a breach. For example, highly confi dential information about employees should be kept in locked fi le cabinet systems or in a secured computer network with restricted access. The information should only be entrusted to reliable and well-trained personnel. There should also be a plan on how to deal with security breaches expeditiously and effectively. Access and Correction A more complicated situation arises when an employee requests to access his personal data. Section 21 of the PDPA requires an employer to respond to such a request and make reasonable efforts to provide the employee an opportunity to examine his own personal data (the Access Obligation ). Personal data includes data about the employee that is in the employer s possession or under the employer s control. 15 Upon the employee s request, the organisation should also inform him of the ways in which his personal data has been used or disclosed by the employer within a year before the date of request. When doing so, the organisation should individually identify each possible third party, instead of simply providing general categories of organisations (eg pharmaceutical company ABC instead of pharmaceutical companies ) to which personal data has been disclosed. The exceptions to the Access Obligation are found in the Fifth Schedule of the PDPA. One of them exempts the employer from giving the employee access to his personal data if it would reveal confi dential commercial information that could harm the competitive position of the employer. Other than accessing his personal data, an employee may also request the employer to correct an error or omission in his personal data, subject to the exceptions listed in the Sixth Schedule (the Correction Obligation ). 16 The employer Security After collecting personal data, employers have a duty to safeguard it (the Protection Obligation ). 14 Reasonable security arrangements must be made to prevent unauthorised access, collection, use, disclosure, copying, modifi cation, disposal or similar risks to the personal data. In order to do so, the Key Concepts Guidelines suggest

4 18 should correct the personal data as soon as practicable and, if the employee consents, send the corrected personal data to the specifi c organisations to which the personal data was disclosed by the employer within a year before the date of correction. However, the employer need not make a correction if he is satisfi ed on reasonable grounds that a correction should not be made. In such a case, the employer shall annotate the personal data with the correction that was requested but not made. Withdrawal of Consent Employers should be aware that employees may at any time withdraw their consent to the collection, use or disclosure of their personal data by the employer. 17 In this situation, the employer must inform the employee of the likely consequences of withdrawing his consent. The employer must not prohibit the employee from withdrawing consent. However, any legal consequences arising from the withdrawal will still ensue. After the withdrawal of consent, the employer must cease the collection, use and disclosure of personal data. This obligation does not require the employer to delete or destroy the personal data upon request. If any of the statutory exceptions apply, or if there is a valid purpose for retention, the personal data may be preserved. Monitoring Employees Use of Closed-circuit Television Cameras The use of closed-circuit television cameras ( CCTVs ) at work premises is common. The Selected Topics Guidelines made particular mention on the collection of personal data through CCTVs. Whether or not employers have to notify their employees when CCTVs are deployed depends on the purpose for which the CCTV footage is being collected, used or disclosed. As a good practice, employers may still wish to provide notifi cation even if an exception applies. Notices that CCTVs are in operation should be placed in such a manner and at such positions to make employees suffi ciently aware of the operation of the CCTVs and their purpose. The employer may decide not to reveal the exact location of the CCTVs if the purpose is to covertly monitor the premises for security reasons. Like other documents containing personal data, an employee may request to access the CCTV footage. If images of other individuals can be seen in the footage, the employer is required to mask the other individuals. If the processing fee to edit the footage is too costly, the employer may invoke the exceptions provided for in the Fifth Schedule, such as on the ground that the expense of providing access would be unreasonable to the organisation or disproportionate to the individual s interests, and reject the access request. Bring Your Own Device There is a rising trend in companies adopting the Bring Your Own Device ( BYOD ) model in Singapore. Despite its commercial advantages, BYOD also brings about certain concerns. Employers may fi nd it more diffi cult to monitor their employees behaviour or ensure that confi dential corporate data is not leaked. To address these concerns, employers may require employees to consent to giving the employers access to their devices and the personal data that may be stored in such devices. This would reduce the employers risk of infringing the Computer Misuse and Cybersecurity Act which prohibits the unauthorised access to computer material. Employers should also notify their employees if they are able to access their employees personal data when the employees connect to the company s network. Transfer of Personal Data Overseas Employers may need to transfer their employees personal data out of Singapore for various reasons. For example, the company may have outsourced its payroll functions overseas or if the company s headquarters requires the information. Under the PDPA, an organisation which transfers personal data out of Singapore must take appropriate steps to: (i) ensure that it complies with the obligations under the PDPA; and (ii) ensure that the recipient is bound by legally enforceable obligations to provide the personal data a standard of protection that is comparable to the PDPA. 18 When there is a need to transfer personal data to countries with weak or no data privacy laws, employers may consider using binding contracts for inter-corporate transfers and binding corporate rules for intra-corporate transfers. Regardless of the type of instrument used, it should always set out the purpose of the personal data, the permissible extent of use and disclosure, the obligation of the receiving organisation to maintain accuracy, the security arrangements required, the retention guidelines, and any other policies to ensure that the employees handling the data comply with similar obligations. Notwithstanding the above, an organisation is taken to have satisfi ed the requirement to ensure the recipient is bound by legally enforceable obligations if, among others: the individual whose personal data is to be transferred gives consent to the transfer after being given a reasonable summary in writing of the extent to which the personal data to be transferred to that country or territory will be protected to a standard comparable to the protection under the PDPA;

5 19 2. the transfer is necessary for the performance of a contract between the organisation and the individual; 3. the transfer is necessary for the conclusion or performance of a contract between the organisation and a third party which is entered into at the individual s request; or 4. the personal data is data in transit conduct privacy audits on the company s security systems; and 4. document retention policies for personal data. Employers should also keep a look-out for how the Commission or the Courts will interpret the exceptions applicable to employee data, and evaluate their compliance procedures accordingly. Adios! Termination of Employment When an employee leaves the company, the employer should cease to retain all documents containing the exemployee s personal data or remove the means by which the personal data can be associated with the ex-employee, unless there is a clearly defi ned purpose for retaining it or if it is necessary for legal or business purposes. For example, the employer may want to retain the personal data for future hiring references or for its alumni activities. Consent of the employee should be obtained in respect of such purposes. Where there is no longer any valid purpose for retention, employers should make reasonable efforts to destroy, dispose or delete the personal data permanently. For example, the employer may return the documents to the individual in question, shred the document, or anonymise the personal data such that it no longer identifi es any particular individual. The Retention Limitation Obligation is not adequately satisfi ed just by locking the documents away or transferring the documents to someone else. Going Forward The passing of the PDPA refl ects a growing realisation that the absence of an umbrella statute on data protection puts local businesses at a competitive disadvantage as compared to those in jurisdictions with robust data protection laws. Singapore is positioning itself as a trusted hub for data storage in order to compete with the pioneers in this area. At the same time, the PDPA is also intended to provide individuals with some level of protection. Moving forward, employers should start implementing measures to comply with their new obligations under the Act. For example, employers should: 1. provide training for its employees to impart good practices in handling personal data and strengthen awareness of threats to security; 2. develop and implement appropriate data protection policies (eg BYOD, HR policies); Celeste Ang Baker & McKenzie.Wong & Leow Celeste.Ang@bakermckenzie.com Tan Weiyi Baker & McKenzie.Wong & Leow Weiyi.Tan@bakermckenzie.com Notes 1. PDPA, s 2. 2 PDPA, s PDPA, s PDPA, s PDPA, s Exception 1(c) of the Second Schedule, Exception 1(c) of the Third Schedule, and Exception 1(d) of the Fourth Schedule. 7 Exception 1(f) of the Second Schedule and Exception 1(f) of the Third Schedule. 8 PDPA, s PDPA, s Exception 1(f) of the Second Schedule, Exception 1(f) of the Third Schedule, and Exception 1(h) of the Fourth Schedule. 11 Exception 1(o) of the Second Schedule. 12 Exception 1(j) of the Third Schedule and Exception 1(s) of the Fourth Schedule. 13 Australian Privacy Act 1988 (No. 119 of 1988), s 7B(3). 14 PDPA, s PDPA, s 21(1)(a). 16 PDPA, s PDPA, s PDPR, s 9(1). 19 PDPR, s 9(3). 20 Data in transit refers to personal data transferred through Singapore in the course of onward transportation to a country or territory outside Singapore, without the personal data being accessed or used by, or disclosed to, any organisation (other than the transferring organisation or an employee of the transferring organisation acting in the course of his employment with the transferring organisation) while the personal data is in Singapore, except for the purpose of such transportation.

SME guide to the personal data protection act 2012

SME guide to the personal data protection act 2012 SME guide to the personal data protection act 2012 All enquiries may be addressed to: Lim Chong Kin Director Head, Telecommunications, Media and Technology Practice Group Head, Competition & Regulatory

More information

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you:

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you: Ignata Group Data Protection / Privacy Notice What is the purpose of this document? Ignata is committed to protecting the privacy and security of your personal information. This privacy notice describes

More information

PRIVACY POLICY WHAT IS PERSONAL INFORMATION AND WHAT KINDS OF PERSONAL INFORMATION DOES ADECCO COLLECT?

PRIVACY POLICY WHAT IS PERSONAL INFORMATION AND WHAT KINDS OF PERSONAL INFORMATION DOES ADECCO COLLECT? PRIVACY POLICY This policy applies to all Australian corporations which are members of the Adecco Group of companies, and to any overseas members of the Group to the extent that those overseas corporations

More information

PRIVACY NOTICE JOB APPLICANTS

PRIVACY NOTICE JOB APPLICANTS PRIVACY NOTICE JOB APPLICANTS Introduction This privacy notice sets out how we collect and use personal information about you as a job applicant in accordance with the Data Protection (Bailiwick of Guernsey)

More information

TCI specialises in the provision of international corporate administration and trustee services

TCI specialises in the provision of international corporate administration and trustee services Privacy Notice Job Applicants Introduction This privacy notice sets out how we collect and use personal information about you as a job applicant in accordance with the Data Protection (Bailiwick of Guernsey)

More information

DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS

DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS 1. ABOUT THIS DATA PRIVACY NOTICE 1.1 Diomed Developments Limited, and companies within the group controlled by Diomed Developments Limited

More information

Privacy Policy. 1. Introduction

Privacy Policy. 1. Introduction Privacy Policy 1. Introduction 1.1. BTI Executive Search (the Company ) respects your privacy and we acknowledge that you have certain rights related to any personal data we collect from you and we have

More information

Marketing Code of Conduct

Marketing Code of Conduct Marketing Code of Conduct Approved for the purposes of the Electricity Supply Act 1995 (NSW) and the Gas Supply Act 1996 (NSW) by the NSW Minister for Energy 1 January 2011 CONTENTS 1. FOREWORD... 1 1.1

More information

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS What is the purpose of this document? FS1 Recruitment UK Ltd is committed to protecting the privacy and security of your

More information

Contents. NRTT Proprietary and Confidential - Reproduction and distribution without prior consent is prohibited. 2

Contents. NRTT Proprietary and Confidential - Reproduction and distribution without prior consent is prohibited. 2 Privacy Policy Contents INTRODUCTION... 4 PROCESSING PRINCIPALS... 5 FAIRNESS AND LAWFULNESS... 5 RESTRICTION TO A SPECIFIC PURPOSE... 5 DELETION... 5 CONFIDENTIALITY AND DATA SECURITY... 5 RELIABILITY

More information

Privacy Policy of Townsville Motor Boat & Yacht Club Limited - Liquor Licence Number 84145

Privacy Policy of Townsville Motor Boat & Yacht Club Limited - Liquor Licence Number 84145 Privacy Policy of Townsville Motor Boat & Yacht Club Limited - Liquor Licence Number 84145 Application The Privacy Policy applies to personal information collected by the club, as the club is an applicable

More information

Privacy Policy of Brothers Leagues Club Ipswich Inc. Community Club Licence No

Privacy Policy of Brothers Leagues Club Ipswich Inc. Community Club Licence No Privacy Policy of Brothers Leagues Club Ipswich Inc. Community Club Licence No. 80331. Application The Privacy Policy applies to personal information collected by the club, as the club is an applicable

More information

GDPR P4 Privacy Policy Statement & Guidance for Employees and External Providers

GDPR P4 Privacy Policy Statement & Guidance for Employees and External Providers Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate

More information

Data protection. The employment practices code

Data protection. The employment practices code Data protection The employment practices code Contents 3 Contents About the code 4 Managing data protection 11 Good practice recommendations 11 Part 1: Recruitment and selection 14 About Part 1 of the

More information

Data Privacy Policy for Employees and Employee Candidates in the European Union

Data Privacy Policy for Employees and Employee Candidates in the European Union Data Privacy Policy for Employees and Employee Candidates in the European Union This Data Privacy Policy is effective as of February 1, 2014 1. Data Privacy Policy Overview 1.1 Under Armour, Inc. (the

More information

Employee Privacy Statement

Employee Privacy Statement Deutsche Bank Data Protection Philippines Employee Privacy Statement Deutsche Bank collects employee personal data as may be required for managing or terminating an employment relationship, in connection

More information

DATA PROTECTION POLICY 2016

DATA PROTECTION POLICY 2016 DATA PROTECTION POLICY 2016 ADOPTED FROM BRADFORD METROPOLITAIN COUNCIL MODEL POLICY AUTUMN 2016 To be agreed by Governors on; 17/10/16 Signed by Chair of Governors: Statutory policy: Yes Frequency of

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY 1. Introduction This policy is intended to provide information about how the School will use (or process ) personal data about individuals including: Current, past and prospective pupils; Parents, carers

More information

Data Protection Policy

Data Protection Policy Data Protection Policy This policy will be reviewed by the Trust Board three yearly or amended if there are any changes in legislation before that time. Date of last review: Autumn 2018 Date of next review:

More information

DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS

DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS 1 WHAT IS THE PURPOSE OF THIS DOCUMENT? Hopes & Dreams Ltd ( the Nursery

More information

Middleton International School Personal Data Protection Statement

Middleton International School Personal Data Protection Statement Personal Data Protection Statement (MIS) respects the privacy of individuals and recognizes the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly

More information

Policy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent

Policy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent Policy Document for: Data Protection (GDPR) Approved by Directors: September 2017 Due for Review: September 2020 1. Statement of intent Timu Academy Trust is required to keep and process certain information

More information

Opus2 or an Opus2 Affiliate within the Group (as applicable), shall be the Data Controller in respect of the Personal Data covered in this Notice.

Opus2 or an Opus2 Affiliate within the Group (as applicable), shall be the Data Controller in respect of the Personal Data covered in this Notice. Introduction Your privacy is important to Opus2. We have drafted this Privacy Notice (also referred to as Notice in this document) to help you understand who we are, what Personal Data we collect about

More information

Data Protection Policy

Data Protection Policy Data Protection Policy (Data Protection Act 1998) (This policy will be updated to incorporate GDPR by May 2018) Page 1 of 9 Data Protection Policy 1 Statement of Policy The Constellation Trust needs to

More information

Northcliffe Surf Life Saving Supporters Association Inc. Privacy Policy

Northcliffe Surf Life Saving Supporters Association Inc. Privacy Policy Northcliffe Surf Life Saving Supporters Association Inc. Privacy Policy Privacy Policy of Northcliffe Surf Life Saving Supporters Association Inc., Liquor License 80338 Application The Privacy Policy applies

More information

Information Collection & Privacy Policy

Information Collection & Privacy Policy The Privacy Act 1988 (Cth) (Privacy Act) seeks to protect individuals against interferences with their privacy by regulating the way in which personal information is collected, handled, disclosed, used

More information

St Stephen in Brannel Parish Council PRIVACY NOTICE. For Staff*, Councillors and Role Holders 1 **

St Stephen in Brannel Parish Council PRIVACY NOTICE. For Staff*, Councillors and Role Holders 1 ** St Stephen in Brannel Parish Council PRIVACY NOTICE Mrs Linda Ranger - Clerk and RFO E-mail: clerk@ststepheninbrannel-pc.org.uk www.ststepheninbrannel-pc.org.uk Office 2, Brannel Room 22 Fore Street, St

More information

This policy is a public document and has been prepared in light of National Privacy Principle 5, Openness.

This policy is a public document and has been prepared in light of National Privacy Principle 5, Openness. PRIVACY POLICY This document relates to your personal information, collected by Biarri as part of the Subscriber sign up process and your use of Biarri services, and held by Biarri as part of our day-to-day

More information

Delegations under Section 41 of the State Sector Act 1988

Delegations under Section 41 of the State Sector Act 1988 SSC Guidance Delegations under Section 41 of the State Sector Act 1988 Introduction Effective April 2014 1 The State Sector Act 1988, Public Finance Act 1989, and Crown Entities Act 2004 were amended in

More information

LIFE STYLE CARE PLC. Privacy Statement for Employees. August 2018

LIFE STYLE CARE PLC. Privacy Statement for Employees. August 2018 LIFE STYLE CARE PLC Privacy Statement for Employees August 2018 Key points Why we use your personal data: We typically use your personal information for purposes related to your employment relationship

More information

Copyright 2018, Tech Mahindra. All rights reserved. WORKER PRIVACY NOTICE

Copyright 2018, Tech Mahindra. All rights reserved. WORKER PRIVACY NOTICE Copyright 2018, Tech Mahindra. All rights reserved. Table of Contents 1. SCOPE OF APPLICATION... 3 2. DETAILS OF THE NOTICE... 3 2.1 WHAT PERSONAL DATA WE COLLECT... 3 2.2 WHY WE COLLECT, USE AND STORE

More information

RSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )

RSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company ) RSD Technology Limited - Data protection policy: Introduction Company Name: Document DP3 Topic: RSD Technology Limited ( the Company ) Data Protection Policy Data protection Date: 25 th May 2018 Version:

More information

BAYER AUSTRALIA POLICY PRIVACY

BAYER AUSTRALIA POLICY PRIVACY BAYER AUSTRALIA POLICY PRIVACY Policy Owner: Law, Patents & Compliance Policy Effective: 10 June 2015 Last Reviewed: 20 October 2015 Policy Approved By: CGC TABLE OF CONTENTS 1. SCOPE...3 2. PURPOSE...3

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY At Hopes and Dreams Nanny and Babysitting Agency we take privacy and data protection very seriously. We need to gather and use certain information about individuals; these can include

More information

Privacy Notice for Candidates

Privacy Notice for Candidates Privacy Notice for Candidates 1. Introduction We, National Grid PLC and its associated groups, as the Data Controller, who can be contacted at Warwick Technology Park, Gallows Hill, Warwick CV34 6DA, are

More information

N.A.P.P.I. (UK) Limited - Course Participant Data Protection Statement

N.A.P.P.I. (UK) Limited - Course Participant Data Protection Statement N.A.P.P.I. (UK) Limited - Course Participant Data Protection Statement In the course of our business we collect, store and process personal information about those people who register for and/or attend

More information

Privacy Policy PURPOSE SCOPE POLICY. Data Collection

Privacy Policy PURPOSE SCOPE POLICY. Data Collection Privacy Policy PURPOSE 1. To ensure Training & Assessment Mentor maintains the privacy of personal information provided to Training & Assessment Mentor from Staff and Students. SCOPE 2. This document describes

More information

Little Gaddesden C. of E. Primary School

Little Gaddesden C. of E. Primary School PRIVACY NOTICE - PARENTS AND CARERS Approved by Resources Committee 21 May 18 Approved by Governing Body 22 May 18 Review by May 20 Little Gaddesden School collects data and information about parents /

More information

Wellington College Belfast

Wellington College Belfast Wellington College Belfast PRIVACY NOTICE For Those Employed to Teach at a Controlled School Signed: Approved by Board of Governors Date: t21-41%,2o( Reviewed Date: version Date Published Responsible Officer

More information

DIGITGAIN LTD. Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: DATED GDPR PRIVACY POLICY FOR EMPLOYEES,

DIGITGAIN LTD. Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: DATED GDPR PRIVACY POLICY FOR EMPLOYEES, DIGITGAIN LTD Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: 0118 971 3840 DATED GDPR PRIVACY POLICY FOR EMPLOYEES, CHILDREN ATTENDING JUBILEE AND THEIR PARENTS Guidance from - Compiled by

More information

RECRUITMENT PRIVACY NOTICE

RECRUITMENT PRIVACY NOTICE SCOPE OF PRIVACY NOTICE RECRUITMENT PRIVACY NOTICE 1. Like most businesses, we hold and process a wide range of information, some of which relates to individuals who are applying to work for us. This notice

More information

We reserve the right to update this privacy notice at any time. Please check our website from time to time for any changes we may make.

We reserve the right to update this privacy notice at any time. Please check our website from time to time for any changes we may make. What is the purpose of this document? NORTHERN IRELAND SCREEN COMMISSION (Company Number NI031997) whose registered office is at 3 rd Floor Alfred House, 21 Alfred Street, Belfast, BT2 8ED is committed

More information

Information Governance Clauses Clinical and Non Clinical Contracts

Information Governance Clauses Clinical and Non Clinical Contracts Information Governance Clauses Clinical and Non Clinical Contracts Policy Number Target Audience Approving Committee Date Approved Last Review Date Next Review Date Policy Author Version Number IG014 All

More information

Contract Services Europe Privacy Notice

Contract Services Europe Privacy Notice Contract Services Europe Privacy Notice Page 1 of 6 1. INTRODUCTION This privacy notice describes how we collect and use your personal information you provide to us, in accordance with the General Data

More information

PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING Greenside School

PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING Greenside School PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING Greenside School Greenside School collects data and information about parents / carers of our pupils so that we can operate effectively as a school.

More information

SUNSEEKER INTERNATIONAL LIMITED PRIVACY POLICY FOR JOB APPLICANTS

SUNSEEKER INTERNATIONAL LIMITED PRIVACY POLICY FOR JOB APPLICANTS SUNSEEKER INTERNATIONAL LIMITED PRIVACY POLICY FOR JOB APPLICANTS 1. INTRODUCTION 1.1 This Privacy Policy describes in detail who is responsible for the personal that we collect about you, what personal

More information

PRIVACY NOTICE for Welsh St Donat s Community Council, May 2018

PRIVACY NOTICE for Welsh St Donat s Community Council, May 2018 PRIVACY NOTICE for Welsh St Donat s Community Council, May 2018 NOTE: Welsh St Donat s Community Council is a small, rural Community Council and, compared with many councils and public bodies, processes

More information

The UK legislation is wholly retrospective and applies to all information held by public authorities regardless of its date.

The UK legislation is wholly retrospective and applies to all information held by public authorities regardless of its date. FREEDOM OF INFORMATION POLICY INTRODUCTION The Freedom of Information (FOI) Act was passed in 2000 and replaces the Open Government Code of Practice that has been in place since 1994. The Act gives the

More information

THE PORTSMOUTH GRAMMAR SCHOOL

THE PORTSMOUTH GRAMMAR SCHOOL THE PORTSMOUTH GRAMMAR SCHOOL STAFF PRIVACY NOTICE In the course of your employment, engagement or other basis of work undertaken for the school, we will collect, use and hold ( process ) personal data

More information

When we talk about we we mean Volt. When we talk about you we mean any customer of Volt whose personal data we may control or process.

When we talk about we we mean Volt. When we talk about you we mean any customer of Volt whose personal data we may control or process. EU Privacy Policy v.1 This policy explains how we might come to receive your personal data (if not directly from you), how we use it, how and where we store it and what rights you have to deletion of your

More information

UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident.

UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident. PRIVACY NOTICE UNIVERSITY OF WARWICK We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information,

More information

DATED. 14 th MAY 2018 GDPR PRIVACY NOTICE FOR TRUSTEES, EMPLOYEES, VISITORS, STUDENTS, CHILDREN ATTENDING

DATED. 14 th MAY 2018 GDPR PRIVACY NOTICE FOR TRUSTEES, EMPLOYEES, VISITORS, STUDENTS, CHILDREN ATTENDING DATED 14 th MAY 2018 GDPR PRIVACY NOTICE FOR TRUSTEES, EMPLOYEES, VISITORS, STUDENTS, CHILDREN ATTENDING UNIVERSITY NURSERY PARENTS ASSOCIATION (UNPA) AND THEIR PARENTS. Compiled by For NDNA 1 st Floor

More information

Data Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents

Data Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents Company Name: Document: Topic: System People ( the Company ) Data Protection Policy Data protection Date: 28/4/2018 Version: 1 Contents Introduction Definitions Data processing under the Data Protection

More information

TimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents

TimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents Company Name: Document DP3 Topic: ( the Company ) Data Protection Policy Data Protection Date: April 2018 Version: 001 Contents Introduction Definitions Data processing under the Data Protection Laws 1.

More information

Responsible Business Alliance. Data Privacy and GDPR Compliance Policy

Responsible Business Alliance. Data Privacy and GDPR Compliance Policy Responsible Business Alliance Data Privacy and GDPR Compliance Policy 1. INTRODUCTION 1.1 As a global non-profit membership organisation, the Responsible Business Alliance ( RBA ) has a responsibility

More information

GDPR Policy of Lovedaycare Nursery

GDPR Policy of Lovedaycare Nursery GDPR Policy of Lovedaycare Nursery WHAT IS THE PURPOSE OF THIS DOCUMENT? DATED 24 May 2018 GDPR PRIVACY NOTICE FOR EMPLOYEES, CHILDREN ATTENDING LOVEDAYCARE LTD AND THEIR PARENTS Lovedaycare Ltd is a company

More information

Elections Ontario Privacy Policy

Elections Ontario Privacy Policy Elections Ontario Privacy Policy OFFICE OF THE CHIEF ELECTORAL OFFICER ELECTIONS ONTARIO November 2012 TABLE OF CONTENTS Section 1: Introduction... 3 Section 2: Definitions... 4 Section 3: Scope... 5 Section

More information

PRIVACY NOTICE FOR PARENTS/CARERS OF PUPILS ATTENDING WARREN DELL PRIMARY SCHOOL

PRIVACY NOTICE FOR PARENTS/CARERS OF PUPILS ATTENDING WARREN DELL PRIMARY SCHOOL Warren Dell Primary School PRIVACY NOTICE FOR PARENTS/CARERS OF PUPILS ATTENDING WARREN DELL PRIMARY SCHOOL Warren Dell Primary School collects data and information about parents/carers of our pupils so

More information

Data Protection Policy

Data Protection Policy THE CIPPENHAM SCHOOLS TRUST Data Protection Policy *Date for revision: Summer Term 2018 Responsibility for policy: Responsibility for operational: Trustees Trustees Reviewed by Directors: *subject to any

More information

OLA Privacy Policy for Australia

OLA Privacy Policy for Australia OLA Privacy Policy for Australia 1. Respecting your privacy OLA Australia Pty Ltd and its related bodies corporate (including its ultimate holding company, ANI Technologies Private Limited) (the OLA Group)

More information

BROOKS PERSONAL TRAINING

BROOKS PERSONAL TRAINING BROOKS PERSONAL TRAINING Data Protection Policy Data Protection Policy Lent 2017 0 DATA PROTECTION POLICY Table of Contents: 1. Document Control... 2 2. Introduction... 3 3. General Statement of Scope...

More information

General Optical Council. Data Protection Policy

General Optical Council. Data Protection Policy General Optical Council Data Protection Policy Authors: Lisa Sparkes Version: 1.2 Status: Live Date: September 2013 Review Date: September 2014 Location: Internet / Intranet Document History Version Date

More information

This privacy notice applies to School staff, including employees, workers, secondees and contractors.

This privacy notice applies to School staff, including employees, workers, secondees and contractors. London School of Hygiene & Tropical Medicine Privacy Notice for Staff London School of Hygiene & Tropical Medicine (a higher education institution established by Royal Charter and an exempt charity with

More information

LSEG Recruitment Privacy Notice

LSEG Recruitment Privacy Notice LSEG Recruitment Privacy Notice Version 1.0 16 May 2018 RECRUITMENT PRIVACY NOTICE 1. INTRODUCTION 1.1 This Privacy Notice explains how the London Stock Exchange Group plc and the London Stock Exchange

More information

Recruitment Privacy Notice

Recruitment Privacy Notice Recruitment Privacy Notice Relating to Applicants & Candidates who wish to become members of staff (the Notice ) Effective as at 25 th May 2018 (inclusive) 1. Purpose of this Notice Purpose of this Notice

More information

Orbit Recruitment Privacy Policy

Orbit Recruitment Privacy Policy Orbit Recruitment Privacy Policy Introduction Orbit are the controllers of the information ( personal data ) that we collect about you, our data subjects, which means we are responsible for how your data

More information

CDMS Consulting Engineers Privacy Policy

CDMS Consulting Engineers Privacy Policy CDMS Consulting Engineers Privacy Policy This Privacy Policy sets out the approach Design Engineering P t y L t d trading as CDMS Consulting Engineers (CDMS) will take in relation to the treatment of Personal

More information

HITCHIN GIRLS SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING HITCHIN GIRLS SCHOOL

HITCHIN GIRLS SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING HITCHIN GIRLS SCHOOL HITCHIN GIRLS SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS ATTENDING HITCHIN GIRLS SCHOOL Hitchin Girls School collects data and information about parents / carers of our pupils so that we can

More information

The Galway Clinic (GC) has implemented this document to demonstrate its commitment to the

The Galway Clinic (GC) has implemented this document to demonstrate its commitment to the Galway Clinic Recruitment Privacy Notice 1. Introduction The Galway Clinic (GC) has implemented this document to demonstrate its commitment to the protection of your personal data. We recognises that protecting

More information

Recruitment Privacy Notice

Recruitment Privacy Notice Recruitment Privacy Notice As part of our candidate application and recruitment process Elmwood collects, processes and stores personal information about you. We process this information for a range of

More information

Crimmins Hotels and Leisure Ltd Job Applicant Privacy Notice

Crimmins Hotels and Leisure Ltd Job Applicant Privacy Notice Crimmins Hotels and Leisure Ltd Job Applicant Privacy Notice 1 What does this Privacy Notice do and how does it apply to me? 1.1 The purpose of this Privacy Notice is to inform you why and how Crimmins

More information

THE COMPETITION AND CONSUMER PROTECTION COMMISSION JOB APPLICANT PRIVACY NOTICE 1. INTRODUCTION... 2

THE COMPETITION AND CONSUMER PROTECTION COMMISSION JOB APPLICANT PRIVACY NOTICE 1. INTRODUCTION... 2 THE COMPETITION AND CONSUMER PROTECTION COMMISSION JOB APPLICANT PRIVACY NOTICE CONTENT 1. INTRODUCTION... 2 2. IDENTITY OF THE CONTROLLER OF PERSONAL INFORMATION... 2 3. CONTACT DETAILS OF THE DATA PROTECTION

More information

HOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS

HOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS HOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS Holy Trinity collects data and information about parents / carers of our pupils so that we can operate effectively as a school.

More information

SOP MRS HR Applicant Privacy Notice

SOP MRS HR Applicant Privacy Notice OVERVIEW OF HSSE ASSURANCE SOP MRS HR Applicant Privacy Notice Owner s approval: Function: Gillian Pollock HR Director Authorised: Date: Page 1 of 3 Contents: 1. Amendments & Distribution 2. Policy Statement

More information

DATED th May GDPR PRIVACY NOTICE AND THEIR PARENTS

DATED th May GDPR PRIVACY NOTICE AND THEIR PARENTS DATED ------24 th May 2018 ------ GDPR PRIVACY NOTICE CHILDREN ATTENDING UNDER 1 ROOF KIDS NURSERY AND THEIR PARENTS Compiled by For NDNA 1 st Floor Sefton House, Northgate Close, Bolton, BL6 6PQ Stephensons

More information

Recruitment Privacy Notice

Recruitment Privacy Notice Recruitment Privacy Notice Issued: 1 June 2018 Revised: N/A 1. What is this notice for? The Royal Academy of Dance (RAD) has prepared this notice to make sure that you have the information that you are

More information

P Drive_GDPR_Data Protection Policy_May18_V1. Skills Direct Ltd ( the Company ) Data protection. Date: 21 st May Version: Version 1.

P Drive_GDPR_Data Protection Policy_May18_V1. Skills Direct Ltd ( the Company ) Data protection. Date: 21 st May Version: Version 1. Company Name: Document DP3 Topic: Skills Direct Ltd ( the Company ) Data Protection Policy Data protection Date: 21 st May 2018 Version: Version 1 Contents Introduction Definitions Data processing under

More information

Data Protection Policy for the Grimsby Institute of Further & Higher Education

Data Protection Policy for the Grimsby Institute of Further & Higher Education Data Protection Policy for the Grimsby Institute of Further & Higher Education Data Protection Policy Change Control Version: V1.1 New or Replacement: Approved by: Replacement Executive Management Team

More information

SSAB s Recruitment privacy statement

SSAB s Recruitment privacy statement Recruitment Privacy NA Information 2018-05-22 1(5) SSAB s Recruitment privacy statement This Privacy informs why and how SSAB AB including its affiliates, and partners ("SSAB") collects, uses or shares

More information

We have prepared a general privacy notice covering all subject data and including use of our website at

We have prepared a general privacy notice covering all subject data and including use of our website at Privacy Notice Elliott Scott HR Recruitment is aware of its obligations in Europe to comply with General Data Protection Regulation (GDPR) and is committed to processing personal data securely and transparently.

More information

Support Worker Application Form

Support Worker Application Form Support Worker Application Form Job reference no. Please complete and return this form to: Job title Closing date Interview date DATA PROTECTION The details of our processing activities in relation to

More information

ARTICLE 29 DATA PROTECTION WORKING PARTY

ARTICLE 29 DATA PROTECTION WORKING PARTY ARTICLE 29 DATA PROTECTION WORKING PARTY 00350/09/EN WP 159 Opinion 1/2009 on the proposals amending Directive 2002/58/EC on privacy and electronic communications (e-privacy Directive) Adopted on 10 February

More information

2.1.2 Gender, age, date of birth, marital status and nationality;

2.1.2 Gender, age, date of birth, marital status and nationality; PRIVACY STATEMENT FOR THE ROMAN CATHOLIC ARCHDIOCESE OF SOUTHWARK 1 INTRODUCTION 1.1 The Roman Catholic Archdiocese of Southwark (the "Diocese") is a charity registered with the Charity Commission in England

More information

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) Published by: The

More information

GDPR Annotated Privacy Statement

GDPR Annotated Privacy Statement GDPR Annotated Privacy Statement Granicus September 6, 2018 granicus.com info@granicus.com page 1 Introduction: Granicus LLC. and GovDelivery Europe, Ltd. ( Granicus or Company ) is committed to maintaining

More information

Privacy Statement - Recruitment

Privacy Statement - Recruitment Privacy Statement - Recruitment Updated: 25 May 2018 INTRODUCTION Walkers is an international law firm and professional services business with offices in a number of countries, including an associated

More information

The provision of personal information through this Site is subject to this Privacy Notice.

The provision of personal information through this Site is subject to this Privacy Notice. RECRUITMENT POLICY This document explains how Glory Global Solutions may process your personal data and the rights you have in this respect as well as information on equal opportunities and other terms

More information

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe, Recommendation CM/Rec(2015)5 of the Committee of Ministers to member States on the processing of personal data in the context of employment (Adopted by the Committee of Ministers on 1 April 2015, at the

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Name of Chair: Mr David Mann Name of Headteacher: Mrs Eileen Bissell Name of person Responsible: Mrs Eileen Bissell Adopted and Agreed on: October 2015 Date of Review: October 2018

More information

Recruitment/appointment including assessing your job application

Recruitment/appointment including assessing your job application CANDIDATE DATA PRIVACY NOTICE This Candidate Data Privacy Notice (this Notice) is intended to ensure that you are aware of what personal data Clark Germany GmbH (Clark Germany GmbH, we, us, our) with a

More information

GDPR POLICY. This policy complies with the requirements set out in the GDPR, which will come into effect on

GDPR POLICY. This policy complies with the requirements set out in the GDPR, which will come into effect on GDPR POLICY Sponsors Statement All The Bishop of Winchester Academy policies exist to support the Sponsors vision, Christian ethos and values that are embedded in the day-to-day and long term running of

More information

THINK LEGAL RECRUITMENT PRIVACY POLICY ONLINE AND GENERAL USE

THINK LEGAL RECRUITMENT PRIVACY POLICY ONLINE AND GENERAL USE THINK LEGAL RECRUITMENT PRIVACY POLICY ONLINE AND GENERAL USE As a business, we are committed to ensuring privacy to all those that use our website as well as to those that provide personal data to us

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 05/EN WP108 Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules Adopted on April 14 th, 2005 This Working Party

More information

2 What personal information are we collecting?

2 What personal information are we collecting? GDPR transparency notice for candidates (contractors and permanents) Electus Recruitment Solutions is the trading name of (we), company number 04636093 and registered office at Richmond House, Richmond

More information

WEWORK PRIVACY POLICY FOR PEOPLE DATA

WEWORK PRIVACY POLICY FOR PEOPLE DATA WEWORK PRIVACY POLICY FOR PEOPLE DATA OVERVIEW WeWork Companies Inc. and our affiliates and subsidiaries (referred to together as WeWork, we, our or us ) respect individual privacy and take the privacy

More information

WILLIAM FRY JOB APPLICATION/RECRUITMENT DATA PROTECTION NOTICE

WILLIAM FRY JOB APPLICATION/RECRUITMENT DATA PROTECTION NOTICE WILLIAM FRY JOB APPLICATION/RECRUITMENT DATA PROTECTION NOTICE 1. PURPOSE AND SCOPE OF NOTICE This notice is intended to explain how your Personal Data will be handled by William Fry and sets out the information

More information

Data Protection Policy

Data Protection Policy Hand in Hand We Learn OUR LADY & ST ANSELM S RC PRIMARY SCHOOL Data Protection Policy All children are recognised as unique individuals and nurtured in a caring family environment, with Christ at its centre.

More information

EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants

EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants 1 Overview Data Protection Policy for Employees, Workers

More information

GUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector

GUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector GUIDELINES FOR IMPLEMENTING A PRIVACY MANAGEMENT PROGRAM For Privacy Accountability in Manitoba s Public Sector TABLE OF CONTENTS INTRODUCTION... 2 Accountable privacy management 2 Getting started 3 A.

More information

EARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY

EARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY EARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY Adopted: 5 June 2018 1 Earls Hall Baptist Church is committed to protecting all information that we handle about people we support and work with, and to

More information