ISC Privacy Notice for Clients & Suppliers
Who are we:
Integrated Security Consultants Limited (ISC) are industry leaders in the supply of professional security personnel and consultancy services. ISC holds and processes information about clients, suppliers and other data subjects for administrative and commercial purposes. When handling such information, ISC and all staff or others who process or use any personal information, must comply with the General Data Protection Regulations (GDPR) from 25th May 2018. In summary these state that personal data shall:
a) Be processed fairly and lawfully
b) Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with the purpose
c) Be adequate, relevant and not excessive for the purpose
d) Be accurate and up-to-date
e) Be accessible upon request
f) Not be kept for longer than necessary for the purpose for which it was collected
g) Be processed in accordance with the data subject's rights
h) Be kept safe from unauthorised processing, and accidental loss, damage or destruction
i) Not be transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data, except in specified circumstances.
Our Privacy Mission Statement:
At ISC, we value the trust placed in us by customers, suppliers and colleagues who give us their personal data. Data security is one of our highest priorities and we aim to be as clear as possible about what we do with personal data and why we do it.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding processing your personal data and how we will treat it.
1. Who is our data controller - contacting us
Our data controller is ISC’s General Manager, should you have any queries regarding your personal data our contact details are: Tel: 020 8795 1991 – Option 1, or e-mail: HR@iscltd.net
2. The purpose(s) of processing your personal data
We use your personal data for the following purposes:
Customer satisfaction surveys
Legal and regulatory obligation
3. The categories of personal data collected
We process the following categories of your data: names; email address; company telephone number; static IP address; job title and company address.
4. What is our legal basis for processing your personal data?
Processing necessary for the performance of a contract with the data subject or to take steps to enter into a contract
Processing necessary for compliance with a legal obligation
Consent of the data subject for newsletters & marketing etc.
5. Sharing your personal data
Your personal data will be treated as confidential and will only be shared with either ISC personnel required to review the data, as data processors, or external regulatory and assessing bodies, for the purpose of ISC being assessed on our operations, for quality and regulatory reasons.
6. How long do we keep your personal data?
We will keep your personal data for no longer than reasonably necessary for a period of 7 years, in order to meet legal requirements, examples include: in case of any legal claims/complaints; for safeguarding purposes etc., in certain instances we may keep your data for a longer period.
7. Providing us with your personal data
We require your personal data in order to enter into a contract with you. Should you not wish to supply us with your personal data, unfortunately we will not be able to enter into a contract with you.
8. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
The right to request a copy of the personal data which we hold about you.
The right to request that we correct any personal data if it is found to be inaccurate or out of date.
The right to request your personal data to be erased, where it is no longer necessary to retain such data.
The right to withdraw your consent to the processing at any time, i.e. signing up to a newsletter or marketing information.
In certain circumstances, you have the right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
The right to request a restriction is placed on further processing of your data in situations where there is a dispute in relation to the accuracy or processing of your personal data.
The right to object to the processing of personal data. Where applicable, if processing is based on legitimate interests or the performance of a task in the public interest or exercise of official authority, then this right may not be exercised.
9. Transfer of Data Abroad -
We do not transfer personal data outside of the European Economic Area (EEA)
10. Further processing -
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.
12. Keeping your data secure
We have systems and employee policies to help safeguard your privacy from unauthorised access and improper use. We will continue to update these measures, as appropriate, when new technology becomes available. Our systems and website are hosted on servers located in the UK
13. How to make a complaint -
To exercise all relevant rights, queries or complaints please in the first instance call 020 8795 1991 – Option 1, or e-mail: HR@iscltd.net
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office https://ico.org.uk/concerns/ Tel: 0303 123 1113 or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshier, SK9 5AF, England.