DAIFUKU LOGAN LTD - FAIR PROCESSING NOTICE
Our contact details:
Name | Mr Jason Price, Chief Operating Officer |
---|---|
Address | Daifuku Logan Ltd Sutton Road Kingston upon Hull HU7 0DR England |
Phone number | +44 (0)1482 785600 |
Jason.Price@daifuku-logan.com |
Daifuku Logan Ltd has a legal obligation to comply with applicable laws and regulations on data protection.
The General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”) came into force in 2018 to regulate the way in which personal information is held and used. The GDPR is retained in UK domestic law by provisions in the Data Protection Act 2018 (“UK GDPR”). Data protection is regulated in the UK by the Information Commissioners Office (ICO).
This Fair Processing Notice explains how personal data that we might collect from you, or that you might provide to us, is processed by us.
“Personal Data” means any information provided to us or which we obtain which relates to living individuals who can be identified from that information or from that information combined with other details in (or likely to come into) the possession of Daifuku Logan Ltd.
We explain how we deal with information about our employees in a separate Data Protection Policy set out in the Employee Handbook which applies to all of our UK employees.
Our Commitment to Data Protection Processes
- We will ensure that we comply with the seven Data Protection Principles set out in the UK GDPR.
- We will meet our legal obligations as laid down by the legislation.
- We will ensure that personal data is collected and used fairly and lawfully.
- We will process personal data only as needed in order to meet our operational needs or fulfil legal requirements.
- We will take steps to ensure that personal data is up to date and accurate.
- We will establish appropriate retention periods for personal data.
- We will ensure that data subjects' rights can be appropriately exercised.
- We will provide adequate security measures to protect personal data.
- We will ensure that all employees, workers and contractors are made aware of good practice in data protection.
- We will provide adequate training for all staff responsible for personal data.
- We will ensure that everyone handling personal data knows where to find further guidance.
- We will ensure that queries about data protection, internal and external to the organisation, are dealt with effectively and promptly.
- We will ensure that the company is equipped to deal properly and efficiently with any breach of data protection.
Information Processing by this Company
1. The type of information we have about you
This company is the Data Controller.
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics e.g. name and contact details.
- Information obtained from you about your experience, qualifications, training, trade references or credit check details.
- Where necessary, the details of the bank account(s) to which you wish to be paid.
- Information about the performance of your work for us including reviews of the standard of performance.
- Correspondence between you and us.
- A log of hours worked and time spent on different projects for us.
- Name and address if you are the next of kin of an employee of this company or a beneficiary or potential beneficiary of benefits we give to an employee of this company.
- Name, address and date of birth if you are the spouse of an employee who is a deferred or pensioner member of our occupational pension scheme.
- Details of any convictions which might affect your ability to obtain airport security passes or to access customer sites or travel to certain places to do work for us.
- If you are to drive one of our vehicles: Details from your driving licence, driving accidents over previous years, details of vehicle insurance previously declined, copy driving licence.
- Details of any accident at work which involves you.
- Your photograph for security and identification purposes if you visit our offices or work sites.
- The registration of your vehicle for automatic access to our premises or to a work site.
- Information that you provide by filling in forms for us such as job application forms, supplier questionnaires or a contact form on our website.
- Information contained in brochures or quotes or communications submitted to us offering your business or services.
- Information that you provide or which we collect from you for use in delivering our projects such as personal details required for airport security or site passes, work permits or visas, logistics deliveries and shipping and health and safety files.
- Information provided when you correspond with us or visit our premises.
- Information obtained through the use of cookies on our website.
We will not collect from you any personal data which is not necessary for the purpose for which the information is collected.
We will normally only collect basic personal data about you such as your name, e-mail address, telephone contact numbers, your business type, work address, job title and details of your relevant qualifications or trade credentials. If you are to do work for us in a personal capacity then we will also need details of your bank account and we may require financial references.
We will not normally collect from you any special categories of data such as personal data about your racial or ethnic origin, political opinions, religious beliefs, trade union membership, sexual orientation or information about your health. Where such information is required, this will be done through a confidential process and you will be asked to complete a form of consent telling you exactly what information you must provide, why you must provide it and what we will do with it.
2. How we get the information and why we have it
The vast majority of the information listed above is obtained directly from you or from documentation provided by you for one of the following reasons:
- To carry out our obligations under a contract we have with you.
- To check your suitability to work with us and, where applicable, apply our approvals processes, such as for suppliers or commercial agents.
- To comply with our legal obligations to ensure that it is safe for you to carry out your services or to travel to certain locations.
- To obtain security passes needed for you to access airport or other sites to carry out services for us.
We also receive personal information about you indirectly as follows:
- We obtain information from external organisations where necessary – for example: membership of professional organisations, details of convictions, details in public registers such as the Companies Register, financial reports.
Under UK GDPR the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting us at the address above.
- We have a contractual obligation.
- We have a legal obligation.
- We have a legitimate interest and we are satisfied that this is not overridden by risk to you.
We believe that our use of this information is consistent with the principles of the Data Protection Act 2018 and the UK GDPR.
3. What we do with the information
The information we hold is for our management and administrative use and for the purposes of our business, but we may from time to time need to disclose some information we hold about you to relevant third parties. We may do this in the following circumstances:
- To our employees and others whom we have employed to carry out services for us who will use your information for the purpose of carrying out those services.
- Where legally obliged to do so - for example when we submit information to the tax authorities.
- To verify your identity and make checks for fraud prevention or anti-money laundering measures.
- Where requested to do so by you - for example for a reference or to forward your tender to a customer.
- For the administration of employee benefits if you are the beneficiary of a pension from our company, private health insurance or death in service benefits.
- In order to tender for work or to pre-qualify for a tender and you are likely to be a subcontractor to us for some of the work.
- In order to comply with contractual requirements.
- To determine labour rates in relation to quotations we submit to our customers or applications for payment on projects you work on for us.
- To third parties for the issue of airport security or site passes, visas or work permits or for the carrying out of logistics services or other requirements for the purposes of our business projects.
- Audits which may be procedural audits for quality assurance purposes or financial audits undertaken by our clients pursuant to contract provisions.
- Driving offence notifications.
- For the purposes of legal proceedings.
- For the purposes of financial or quality audits.
- To our legal and professional advisers including our auditors.
- To third parties if we are under a duty to disclose or share the personal data in order to comply with a court order or a legal or regulatory requirement.
- To maintain an up to date list of approved suppliers for business continuity purposes.
- To send you details of opportunities to do business with us.
- Credit reference agencies or debt collection agencies.
- Our insurers where necessary for us to obtain cover for the purposes of our business.
- To Microsoft and associated companies for the provision of cloud services for our computer servers.
- To software providers and their associated companies and consultants for the purposes of developing software for our systems including testing, hosting, rectification of defects, back up, training and system audits.
- If you exercise your rights under data protection law and make requests.
- Based on your consent - For example: if you request us to disclose your personal data to other people or organisations; to send you marketing communications if we have asked for your consent to this.
We may also transfer information about you to our shareholder (Daifuku Co., Ltd) or other companies which form part of the Daifuku group for purposes connected with the following:
- The reporting of business data to our shareholder.
- Reporting to our Board of Directors or our shareholder about the projects we are carrying out and other business matters such as legal proceedings, administrative audits, information security, financial audits.
We will use the information you provided to us for the purpose for which it was provided to us at the time it was provided. For example, we might use it to respond to your enquiries about employment with us or you may have submitted details of a quotation for work for a particular customer or potential customer of ours which we will forward to the customer or potential customer as part of a bid for project work.
We will not process your personal data for any use other than the purpose for which it was provided unless: (i) you have consented to the use; or (ii) it is necessary for us to comply with a legal obligation; or (iii) it is necessary for the pursuit of a purpose which we consider to be a legitimate interest and we are satisfied that the legitimate interest is not overridden by the risk to you.
We do not collect personal data for dissemination or sale to third parties for marketing purposes.
Where you have provided your personal details to us because you are a customer or supplier, we may use your contact details to send you news or details about our business and products. If at any time you decide you do not wish to receive such details then please let us know by contacting marketing@daifuku-logan.com
We do not use your personal data in relation to automated decision making.
4. How we store your information
The information we collect about you will be stored at our premises in the UK in physical files or electronically on our servers, and in many cases in both formats.
The Company has in place robust information security measures which help to ensure that information is stored appropriately and securely and labelled as confidential where necessary and also that it is disposed of appropriately.
We have in place in our organisation various different technical and organisational measures to protect the personal data we hold against accidental or unauthorised use, destruction, loss, damage, alteration or disclosure. We use various security programmes and procedures to ensure that unauthorised persons do not have access to the personal data or to any equipment used to process the personal data.
We take steps to ensure that our employees, agents, partners and sub-contractors comply with the procedures and policies we have in place whenever they are processing personal data.
Our contracts often require us to retain information about subcontractors and their work for a number of years after the work has been completed in case there are any problems. Upon completion of a project all personal data contained in our project files will be archived and securely stored.
We will retain your personal data for as long as you might legally bring claims against us.
Where personal data is retained we do not assume responsibility for verifying the on-going accuracy of the content of the personal data. When practically possible we will request updated information periodically.
Your data protection rights
Under data protection law you have rights including:
- Your right of access - You have the right to ask us for copies of your personal information.
- Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing - You have the the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at the address above if you wish to make a request.
How to complain about the use of your data
If you are not happy about the way we are dealing with your personal data you can address your complaint to the Managing Director at the address above.
You can also complain to the UK Information Commissioner’s Office (ICO) if you are unhappy with how we have used your data. The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Helpline number: 0303 123 1113