download-document

  1. GDPR Record of Personal Data Processing
Processing Ref N/A Date of Review 22.05.2018
Nature of Activity Human Resources
Function Human Resources
Description of functions carried out Managing and supporting Human Resource activities for

  1. Current and former workers (including Employees, Agency / Office Holders, Consultants, work experience and volunteers)
  2. Pensioners;
  3. Applicants (current and unsuccessful);
  4. Individuals attending training courses organised by the Company Safeguarding.

 

 

  1. Data Controller / Data Processor Details
Data Controller The Company
Details of any Joint Data Controllers N/A
Details of any contracts in place N/A
Details of any Data Processors Pension provider, HMRC.
Details of any Data Processor Agreements Agreement in place with pension provider.
  1. Processing Purpose Details
Description of the purpose (reason) for processing personal data Administration and maintenance of employee records and the activities required for the support and management of our current and former workers, applicants and Elected members, including:

  1. Recruitment, Selection & Termination,
  2. Police Vetting,
  3. Pay, Allowances, Pensions, Deductions, and Benefits,
  4. Working Arrangements and Leave,
  5. Managing Performance and Conduct,
  6. Managing Attendance and Employee Support,
  7. Managing Change, and
  8. Supervisions and Training.

 

Administration and maintenance of employee records and the activities required for the support and management of them for our commercial clients, including:

 

  1. Recruitment, Selection, and Termination,
  2. Police Vetting
  3. Pay, Allowances, Pensions, Deductions, and Benefits,
  4. Working Arrangements and Leave,
  5. Managing Performance and Conduct,
  6. Managing Attendance and Employee Support,
  7. Managing Change,
  8. Supervisions and Training.

 

Basis for the processing of the personal data Processing basis 1: Processing is necessary in order to meet our duties as an employer (Article 6 1 c compliance with a legal obligation and Article 9 2 b carrying out obligations and exercising specific rights in relation to employment). The main employment law statutes are:-Equal Pay Act 1970; Health & Safety at Work etc. Act 1974; Rehabilitation of Offenders Act 1974; Trade Union and Labour Relations (Consolidation) Act 1992; Employment Tribunals Act 1996; Employment Rights Act 1996; Public Interest Disclosure Act 1998; National Minimum Wage Act 1998; Employment Relations Act 1999; Employment Act 2002; Employment Relations Act 2004; Disability Discrimination Act 2005; Immigration, Asylum and Nationality Act 2006; and Equalities Act 2010

 

Payroll information is processed in accordance with HM Revenue and Customs regulations and standards.

 

In addition, there is a substantial amount of secondary legislation in the form of regulations which contain further provisions and may be supported by Codes of Practice.

 

Processing basis 2: Processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 1 b re contract of employment or for the provision of a service to commercial client.)

 

Processing basis 3: Processing necessary for compliance with a legal obligation.

 

Processing basis 4: Processing is necessary for a legitimate interest of the company.

 

Processing basis 5: Necessary to protect the vital interests of the data subject.

Link to privacy noticeand/or

 

Link to awareness raising materials

Prospective workers are informed about the processing of their personal data through information included in the recruitment form and process.Workers are informed about the processing of their personal data through information included in the contract of employment / letter of engagement / letter leaving and at the point of collection when appropriate through internal policies.Privacy Notices are in place for the processing of the personal data of workers when this is done as part of a commercial contract.

For the provision of training to individuals not employed by the Company at point of registration it is explained to the individual what personal data is required from them for the purpose of providing the training and levying the appropriate charge.

Details of any Privacy Impact Assessments carried out N/A
Does the processing involve automated decision making, including profiling Yes. Automated decision making takes place with regards to Vehicle tracking and employees timesheets.
Is personal data used for direct marketing purposes No
  1. Details of Personal Data Processing
Categories of data subjects
  1. Current and former workers including Employees, Agency / Supply Workers, Office Holders, Consultants, Interims, Interns, work experience and volunteers;
  2. Pensioners;
  3. Applicants (current and unsuccessful);
  4. Employee’s next of kin;
  5. Individuals requiring Vetting checks;
  6. Individuals attending training courses organised by the Company;
  7. Employment and Personal Referees.
Categories of personal data being processed
  1. Personal details;
  2. Employment details;
  3. Business activities;
  4. Financial details;
  5. Education and training details;

 

We also process special categories of personal data:

 

  1. Physical or mental health;
  2. Offences and alleged offences;
  3. Gender;
  4. Trade Union Membership for individuals who have requested deductions from payroll or for recording Trade Union Facility Time.
Source of the personal data Personal data will be received from a wide range of sources to support recruitment, ongoing employment, training, leavers and pension activities including the data subject, their representative, next of kin or other family member, other workers, referees, educators and examining bodies, health professionals, partner agencies, Pension Schemes, Police Vetting, Courts and law enforcement bodies, HM Revenue and Customs.
How is the personal data collected? Through established activities linked to the recruitment, employment, training, termination and pension rights of the data subject or commercial contracts.
When is the personal data collected? Through established activities linked to the recruitment, employment, training, termination and pension rights of the data subject or commercial contracts.
Estimate of the number of records held Fewer than 50.
Retention period(s) in place for the personal data See Human Resources Retention Schedule which is based on national guidance and business need.
  1. Recipients of Personal Data (in the UK)
Categories of the recipients of the personal data
  1. Data Subject;
  2. Past and prospective workers;
  3. HM Revenue and Customs;
  4. Pension Schemes;
  5. Financial organisations;
  6. Educators and Examining bodies;
  7. Professional Bodies;
  8. the Disclosure and Barring Service;
  9. Police Vetting service;
  10. Law enforcement agencies and bodies;
  11. Courts and Tribunals;
  12. Legal representatives;
  13. Ombudsman and Regulatory bodies;
  14. Partner organisations;
  15. Service providers;
  16. Debt collection and tracing agencies;
  17. Trade Unions;
  18. Licensing authorities;

At the explicit request of the data subject:

  1. Credit Reference Agencies;
  2. Mortgage Providers, Housing Associations and landlords.

 

To support TUPE arrangements the minimum necessary personal data and special categories of personal data will be passed to the new employer transferee.

Safeguards in place for the transfer of the personal data Any disclosure or transfer of personal data / special categories of personal data will be in full compliance with the General Data Protection Regulation and established Company processes.
Details of any Information Sharing Agreements in place Not Applicable
  1. Recipients of Personal Data (outside of the UK)
Categories of the recipients of the personal data Not Applicable
Details of any transfers of personal data outside of the UK – to a third country or to an international organisation Not Applicable
Safeguards in place for the transfer of the personal data Not Applicable
Details of any Information Sharing Agreements in place Not Applicable
  1. Processing Measures in Place
Technical and organisational measures in place for data security and protection Secure IT – AVG Internet anti-virus software.
Format information is held in Electronic and paper files.
Systems data is held on TheCompany processes personal data using automated means. This includes electronic drives, Sage payroll, Sage Accounts, HMRC Online, Pensions, Email, DVLA Licencing, Worktops Database,
  1. Any Additional Information
None

 

Profiles

Battaglia_home

Battaglia offer numerous different Profile finishes to their worktop

View Profiles

Collections

Battaglia_home

View the wide array of colours Battagia have on offer and also view some previous jobs

View Collections

Contact

Fill in the short form above and one of our team will call you back