The purpose of this policy is to establish controls to ensure compliance with all applicable privacy and data protection policies to ensure that the Company’s – POGC Ltd business is conducted in a socially responsible manner. POGC Ltd (“POGC”, “we”, “us”) are committed to protecting the privacy and security of those with whom we interact. We recognise the need to respect and protect information that is collected or disclosed to us, such as personal information.
In this policy, we intent to inform you how we collect and use personal information during and after your relationship with us, in accordance with applicable Data Protection Laws.
2. Who We Are
POGC is a family owned business within the construction industry offering quality painting, spray-painting, and decorating, plastering and minor building repair solutions to a wide variety of buildings including new builds, refurbishments, schools and social housing associations. Our remit is to offer excellent customer service resulting in a professional and safe environment for our contractors at all times.
As a company, POGC is committed to handling data fairly, lawfully and in a transparent manner whilst also taking our data protection obligations seriously. We ensure that Personal Information is processed in a manner that is complaint with applicable data protection laws, including the General Data Protection Regulation 2016/679 (“GDPR”). We are required by law to inform and notify you of the information contained in the Privacy Notices.
Our Commitment is to:
A Data Protection Policy is for your own corporate data. This includes accounting records, customer information, order status, proprietary data, trade secrets, and your daily operational data, like emails, documents, etc. The Data Protection Policy will go into detail about the kinds of data we have, and the level of protection required for each type.
4. PRIVACY NOTICE
4.1 What is Personal Information and What Personal Information Does POGC Collect About You?
Your personal data is any information relation to you from which you can be identified, directly or indirectly. This information will include, for example, your name, address, telephone number, location data, online identifier, such as cookies and IP address; photographs or one or more factors specific to your physical, physiological, genetic, mental, financial, economic, cultural or social. Other information included that does not, on its own identify you, will be combined with that information that identifies you to will be treated as Personal Information.
We may collect use, store and transfer different kinds of Personal Information about you including your name, contact details, medical and healthcare information, bank details, time sheet information, employment history, driving licence and passport, gender, disciplinary and grievance information, performance information, recruitment information, criminal offence data, race, ethnicity, religious beliefs, location of employment or workplace, employer’s details, compensation history, photographs andvideo images, and biometric data in the form of fingerprints (please see Appendix III of this Privacy Notice in respect of our use of biometric data).
Where you provide personal data about another person, this policy will also apply to that data so please share it with that person.
4.2 How Is Your Personal Information Collected?
This policy applies to any personal data which you may provide to us in person, over the telephone, by email, on our website and/or by post. This policy also applies to any personal data which we may collect from third parties about you and/or which we may collect when you access our website and/or in the course of our relationship. When we combine other information (i.e. information that does not, on its own, identify you) with Personal Information, we treat the combined information as Personal Information.
You can choose not to give personal data. We may need to collect personal data by law, or under the terms of a contract and/or relationship that we have with you. If you choose not to give us this personal data, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services so we cancel a product or service you have with us.
Wherever we refer to “processing” of personal data in this Privacy Notice / Policy; this includes any combination of the following activities: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We may collect personal data from you in the following ways:
We may collect your personal data from third parties we work with including:
The type of information we may ask you to provide about yourself and therefore collect includes, but is not limited to:
Please note that we may require this information to be able to respond to your enquiry or to provide our services or marketing information to you. You can however at any time tell us to change or remove any personal data or to stop or restrict the processing of your personal data.
4.3 How Your Personal Information Is Used.
We may use the personal data collected/provided by you to:
5. Legal basis for processing Your Personal Information.
We need to have a proper reason under the GDPR whenever we process your personal data ourselves or share it with others outside of POGC & Liba Decorative Solutions Ltd.
These reasons are:
A legitimate interest is when we have a business or commercial reason to process your personal data, but this must not unfairly go against your rights. If we rely on our legitimate interest, we will tell you what that is.
Unless we have your explicit consent to do so, we will not process special categories of personal data revealing any of the following information about you: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life or sexual orientation.
Where we have stated above that our grounds are that we have your consent, we will understand your consent to have been given when you expressly accept these terms. You can withhold or withdraw your consent at any time using the contact details for the DPO or the Company Secretary in this notice.
Where we don’t have your express consent we may base our processing of your personal data on any other basis that applies.
If we intend to use your personal data for any purpose not stated above we will first notify you of the intended use and the legal grounds.
You can choose which channel you’d like us to contact you on, for marketing purposes and with information regarding our products and services at the point this information is collected – this can be done by checking or unchecking the relevant boxes as directed. If you no longer wish for us to communicate with you, you can follow the instructions on how to unsubscribe from emails, letters or texts by following the details within those communications to you. Alternatively you can contact us by post or email at the address provided.
6. Sharing Your Personal Information
We may disclose your personal data to third parties in certain circumstances but we will not sell, rent or trade your personal data.
Your personal data may be transferred outside the UK and the European Economic Area. Some countries have adequate protection of personal data under their laws but where this is not the case we will be responsible for ensuring that appropriate security and privacy safeguards are in place, either by requiring the recipient to have signed up to a recognised international framework of data protection or by contractual obligations.
Where relevant, we may give third party providers who supply services to us, or who process personal data on our behalf, access to your personal data in order to help us to process it for the purposes set out above. When doing so, we will ask them to confirm that their security measures are adequate to protect your personal data.
Within the purposes set out above we may share your personal data with the following third parties:
7. Protecting Your Information
We will seek to keep your personal data secure by taking appropriate technical and organisational measures against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Only authorised personnel and third parties will have access to your personal data.
If logging on to our website it is your responsibility to protect log in details. You must treat these as confidential and must not share or disclose your log in details to any other party.
We will retain your personal data for no longer than the period of time needed for the purposes that we collected the data and for as long as we have legal grounds to retain it. There is no fixed period after which all record of your personal data will be deleted as this will depend on the circumstances and the purposes of the processing but we will take steps and maintain policies to keep retention under proper review. We will not seek your consent before deleting any personal data.
8. Changes to this Policy / Notice
Any changes we may make to this Policy / Privacy Notice in the future will be posted on our website and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes.
9. Your Right Of Access to Your Personal Data
You have the right to access your personal data including us providing to you, without charge, a copy (which may be in electronic form) of any of your personal data that we are processing or that third parties are processing on our behalf.
We will also provide to you, if you request it, the following information:
Requests for this information or a copy of your personal data should be in writing, enclosing proof of identification such as a copy of your passport, driving licence or other documentation confirming your name and address (for example a utility bill) to be addressed to:
52 Upper Tooting Road
10. Your Right To Removal or Correction of Personal Information and To Restrict Processing
You have the following rights under GDPR:
In each case we will tell you what action we are taking and we will also notify any third party to whom the data has been disclosed. Your request should be made to the address above.
11. Your rights concerning automated processing and profiling
You have the following rights under GDPR over automated decisions and profiling.
Your request should be made to the address above.
12. Your rights concerning data portability
You have the right to receive from us the personal data that you have given us in a structured, commonly used and machine-readable format (“Right to data portability”) and/or to have the data sent by us directly to another party. Please note that this right only applies in certain circumstances, which is when we held the data on grounds of your consent or to perform a contract with you or for steps preparatory to such a contract and we were processing that data by automated means.
Your request should be made to the address above.
13. Your rights to complain to the regulator
Please let us know if you are unhappy with how we have processed your personal data. You can contact us by writing to the Administrator. You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) which is the UK supervisory authority for the processing of personal data. Further details are available on the ICO’s website.
14. Enquiries and to exercise rights
If you have any questions, or want more details about how we process your personal data or if you wish to exercise any of your rights, you can contact us by writing to the Administrator at the address given above.