This policy is effective from 25 May 2018.
Data Protection Policy
This Data Protection Policy explains how we, at SJS, deal with personal data under the General Data Protection Regulations, whether we are in the process of dealing with an enquiry, working together on a project, continuing our ongoing customer relationship, receiving a service, requesting feedback, or dealing with visitors to our website.
It describes how we collect, use and process personal data, and how, in doing so, we comply with our legal obligations. Privacy is important to us, and we are committed to protecting and safeguarding people’s data privacy rights.
This Policy applies to the personal data of our Clients, Employees, Potential Clients, Consultants, Contractors, Suppliers and any Potential Employee.
What kind of personal data do we collect?
To provide the high-quality services we aspire to we require to process certain information. SJS will only ask for details that will assist us in the delivery of our service, such as name, job role, and contact details; including but not limited to: telephone number, email address, first and last name and a work address details. If a private client, then we may also ask for a home address.
We collect a minimum amount of data from our consultants/contractor/suppliers to ensure that we can easily communicate and process transactions. We will collect contact details for the main contact and any associate contacts within the business that we feel will assist us in processing transactions and delivering projects. Other information such as bank details so that we can pay for the services provided (if this is part of the contractual arrangements between us), will also be obtained.
We collect a minimum amount of data from our employees and Partners to ensure that we can easily communicate and process transactions. We require information such as your name, job role, and contact details; including but not limited to telephone number, email address, first and last name and your work address details. NI number and bank details so that we can pay you and reimburse you for expenses. Other information such as medical history to allow the business to make reasonable adjustments to ensure your health and well-being at work is a priority.
How do we collect personal data?
We collect client data directly from our clients.
We collect consultant/contractor/supplier data directly from our consultants and suppliers.
We collect client data directly from our employees.
How will we use your personal data?
The main reasons for retaining our clients’ personal details are to keep them informed of their project, keep them informed about our business through marketing and media updates.
The main reasons for retaining consultant/contractor/supplier personal data is to ensure that we can fulfil any contractual arrangements between parties, keep them advised on any potential projects and to keep them informed about our business through marketing and media updates.
If a potential employee sends us an application form, a CV or contacts us with personal information for employment purposes, we may store that information for 6 months. We do not share that information with any third parties and would only contact the potential employee within that 6 month period should a suitable post arise. Thereafter the information will be removed from the system.
The main reasons for retaining your personal details are to pay you and keep you informed about the business.
How do we safeguard personal data?
Protecting personal information is important to us, which is why we put in place appropriate measures that are designed to prevent unauthorised access to, and misuse of, personal data. These processes include but are not limited to; encrypted server access, Laptop and Tablet devices encryption, all antivirus and gateway security settings are up to date and monitored.
How long do we keep personal data for?
Data stored and processed in our Electronic Document Management system. If we have not had meaningful contact with the individual for a period of six years, we will remove their personal data from our systems unless we believe another processing requirement, such as legal or contractual regulation requires us to retain it.
How can the individual access, amend or remove the personal data that has been given to us?
The individual has the right to access, amend or have their personal information removed by writing to Marina Cockburn, SJS, Newhailes Road, Musselburgh, EH21 6SY or emailing us at email@example.com. We will process the changes/removal of the personal information within 10 days.
The individual’s rights also include:
· Right to Object
· Right to Erase
· Right to Restrict Processing
· Right to be Informed
· Right to Data Probability
· Right not to be subject to Automated Decision Making
· Our legal basis for processing your data
Article 6(1)(f) of the GDPR states that we can process personal data where it “is necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data".
We think it reasonable that if the individual has communicated with us in the past or we have had meaningful contact with the individual within the past 5 years that there is legitimate interest that the individual will continue to benefit from our continued communication. We want to provide potential clients with the opportunity to hear about our services and to have the ability to request additional information from ourselves.
We store and process the personal information of individuals within interested organisations to facilitate the receipt of services from them as one of our consultants/contractors/suppliers. We may also hold financial details, so that we can pay for services provided. We deem all such activities to be necessary within legitimate interests.
Article 6(1)(b) gives us lawful basis for processing personal data where; “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”
In this context, a contract does not have to be a formal signed document, or even written down, if there is an agreement which meets the requirements of contract law. Broadly speaking, this means that the terms have been offered and accepted, both intend them to be legally binding, and there is an element of exchange (usually an exchange of goods or services for money, but this can be anything of value).
Where we have entered into a contractual agreement to deliver products and services with an individual we will process the appropriate and required information to do so. i.e. address details of the business.
Security of Personal Data
Transmission of data and information via the Website or by email is not a secure or encrypted transmission method for sending your personal data, unless otherwise indicated on the Website or otherwise arranged between us. Accordingly, your attention is drawn to the fact that any information and personal data carried over the Internet is not secure. Information and personal data may be intercepted, lost, redirected, corrupted, changed and accessed by other people.
We set security standards to prevent any unauthorised access to your personal data once we have received it and wherever possible we will use adequate software and working procedures to ensure the security of your personal data. To prevent unauthorised access, maintain accuracy, and ensure proper use of personal data, we have employed physical, electronic, and managerial processes to safeguard and secure the information we collect online.
Third Party Websites
Parts of our Website contain links to third party websites not owned by SJS (‘Third Party Websites’) for your convenience and information. If you use these links, you will leave the Website. When you access a Third Party Website, please understand that we do not control the content of that Third Party Website and are not responsible for the privacy practices of that Third Party Website.
Website Terms and Conditions of Use
By accessing this web site, you are agreeing to be bound by these web site Terms and Conditions of Use, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this web site are protected by applicable copyright and trade mark law.
2. Use Licence
Permission is granted to temporarily download one copy of the materials (information or software) on SJS Property Services’s web site for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
· Modify or copy the materials; Use the materials for any commercial purpose, or for any public display (commercial or non-commercial);
· Attempt to decompile or reverse engineer any software contained on SJS Property Services’s website;
· Remove any copyright or other proprietary notations from the materials; or
· Transfer the materials to another person or “mirror” the materials on any other server.
This license shall automatically terminate if you violate any of these restrictions and may be terminated by SJS Property Services at any time. Upon terminating your viewing of these materials or upon the termination of this license, you must destroy any downloaded materials in your possession whether in electronic or printed format.
The materials on SJS Property Services’s web site are provided “as is”. SJS Property Services makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties, including without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights. Further, SJS Property Services does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet web site or otherwise relating to such materials or on any sites linked to this site.
In no event shall SJS Property Services or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption,) arising out of the use or inability to use the materials on SJS Property Services’s Internet site, even if SJS Property Services or a SJS Property Services authorized representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.
5. Revisions and Errata
The materials appearing on SJS Property Services’s web site could include technical, typographical, or photographic errors. SJS Property Services does not warrant that any of the materials on its web site are accurate, complete, or current. SJS Property Services may make changes to the materials contained on its web site at any time without notice. SJS Property Services does not, however, make any commitment to update the materials.
SJS Property Services has not reviewed all of the sites linked to its Internet web site and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by SJS Property Services of the site. Use of any such linked web site is at the user’s own risk.
8. Governing Law
Any claim relating to SJS Property Services’s web site shall be governed by the laws of the United Kingdom without regard to its conflict of law provisions.
General Terms and Conditions applicable to Use of a Web Site.
1.2 Cookies are small text files stored on your device and used by website operators in order to make websites work, or work more efficiently, as well as to provide information to the operators of the website or certain third parties. Each cookie usually contains a unique string of characters, which allows a website to distinguish your device from other users.
1.4 In this cookies policy, we use the term “cookie” to mean a cookie and any other similar technology, such as web beacons, local stored objects (“Flash cookies”), and pixel tags.
2. Cookies We Use
We use the following cookies:
2.1 Strictly necessary cookies. These are cookies that are required for the operation of our website.
Cookie - None
Name - N/A
Purpose - N/A
More information - N/A
2.2 Analytical/performance cookies.
They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Name - __utma
Purpose - Google analytics cookie used to distinguish users and sessions. The cookie is created when no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
Expiration - 2 years from set/update.
Name - __utmb
Purpose - Google analytics cookie used to determine new sessions/visits. The cookie is created no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
Expiration - 30 mins from site/update time.
Name - __utmc
Purpose - Google analytics cookie. Operated in conjunction with the __utmb cookie to determine whether the user is in a new session/visit.
Expiration - End of browser session
Name - __utmt
Purpose - Google analytics cookie used to throttle request rate.
Expiration - 10 minutes.
Name - __utmz
Purpose - Google analytics cookie referral data: used to identify where the user came from. Stores the traffic source or campaign that explains how the user reached the website. The cookie is updated every time data is sent to Google Analytics.
Expiration - 2 years from set/update.
3. Rejecting Cookies
3.2 Depending on which browser you use, you may also be able to install a Google Analyticsbrowser add-on if you wish to prevent your data from being used by Google Analytics.
4. Changes to this Policy
4.1 This cookies policy may be amended by us at any time. Please check this page periodically so that you are aware of any changes.
5. Contact Us
5.1 For further information from us on any of this cookies policy or for any queries relating to them, please contact us by completing our enquiry form or call us on 0131 653 1234 or write to us at Newhailes Road, Edinburgh, EH21 6SY.