Privacy Policy

 

Activity: Collection, holding and release of personal data as regulated by GDPR

 

Purpose: 

This Policy has been updated in response to GDPR regulations.

The aim of this policy is to set out what personal information Pascoe hold, why it is needed, how it is held and how it can be accessed.

 

What personal data does Pascoe collect:

Pascoe aim to collect a minimum of personal data as required to carry out their business. A brief summary of the data collected is as follows:

1.    Staff records including contact information, identification and banking information.

2.    Staff performance records including time and attendance records, disciplinary information and training records.

3.    Client contact information

4.    Client payment information including invoicing addresses and credit card information.

5.    Potential sales contacts, marketing contacts, industry contacts and previous client contact information.

CCTV images of public and staff.

 

Why is this personal data collected:

With reference to the above points, Pascoe collects data for the following purposes:

1.    As required by Employment Law and to enable communication with staff and next of kin. To ensure that staff are legally able to work and protected as required by Law. To enable wage payments to be made.

2.    As required by Employment Law and to enable accurate payment in accordance with Pascoe’s Contract of Employment. To aid development of staff and to track and monitor issues.

3.    To enable communication with clients and their representatives in accordance with the related Contract of Sale for to the project. To enable Pascoe to manage the client’s purchases and projects with Pascoe and for the purposes of providing after sales support for clients.

4.    To enable invoicing of clients for work undertaken to contract, spares and support invoicing and to take ‘card holder not present’ payments for goods and services.

5.    To provide useful information to interested parties and potential clients, press etc. to inform interested parties of events and news at Pascoe and to market the services that the business offers.

To protect the property of Pascoe and its employees. To protect the safety of staff and the public. To investigate health and safety issues and dangerous events and accidents. To aid in the investigation of alleged crimes.

 

Who does Pascoe pass this data on to:

Pascoe does not sell any data to any third parties under any circumstances. Pascoe does not provide or pass on any personal information on to any third parties for sales or marketing purposes.

Certain information may be requested and released should a justified reason be put forward by a third party - for example the Police or Marina Management investigating an event outside of our facility that may have been covered by our CCTV system. Each request will need to be put forward in writing and will be considered on a case-by-case basis. Considerations shall be given to whether there is a potential breach of the law, a threat to the business or its staff and also whether the request for information is being made on legitimate grounds.

 

Where is this information stored:

All digital information is stored on the Pascoe on-site servers. Pascoe employ several security systems to ensure that external intrusion into their on-site servers is prevented so far as possible.

Internal access is authorised for Pascoe staff who need to view, manage and process personal data as part of their primary job role. Server folder access is granted by individual user and users are encouraged to manage their log on details in a secure manner. A number of data group locations exist on the servers to ensure that data is available in a controlled and restricted manner.

The only third party access is by Pascoe’s IT support provider who are able to connect to the Pascoe server remotely. A copy of their Privacy Policy in respect to this is held on file.

Where hard copy data is held this is stored within locked filing cabinets within the main Pascoe office. Only staff handling personal data as part of their primary job role have access to the keys for these filing cabinets.

 

Formats of information:

Data is held in the following formats:

·         Sage Accounting software for employee information, client information and bank details

·         Tensor time and attendance software for employee information, absence records, working time records etc.

·         iVMS CCTV recording software

·         ACT contact management software for client and market contact details

·         Microsoft Outlook mail

·         Microsoft Word documents and Excel spreadsheet for disciplinary records, training records, billing details etc.

·         PDF and JPEG copies of ID etc.

All of the above software can output in a PDF format for the purposes of release of information to third parties or the affected individual.

 

Consulting on holding data: 

Pascoe will hold all data required by law and enable employees to be paid and contracts to be fulfilled. Contracts of Sale and Contracts of Employment will be considered an opt in to Pascoe’s data holding policy – for example employee contact information, payment details and employment records, client contact information, invoicing details and payment records.

All third party data held in relation to marketing and sales communication will be subject to an ‘opt in’ email transmission sent out prior to GDPR go live.

Any data collected subsequent to GDPR coming into force shall….

 

Accessing the information held by Pascoe:

Pascoe will make the personal information held available to the individual should a request be made in writing. 

All information held regarding the individual will be released in digital form in Adobe PDF format. This can either be sent via email, or provided on memory stick.

Once released Pascoe take no responsibility for loss or transmission of personal data.

 

Destruction of data:

Pascoe will delete and or destroy personal data held if requested to do so by the individual in writing. This destruction of data will only be possible should such destruction not be in conflict with another law – for example the employment law and accounting law mentioned above. Where data cannot be destroyed due to an overriding law, Pascoe will inform the individual of such.

In addition Pascoe destroy some data collected at regular intervals:

·         All CCTV images not saved for future investigation are deleted after 30 days

All credit card details provided for remote payment are deleted as soon as the payment is processed

 

Signage:

Pascoe display signage in the area that the CCTV system is operational.