Privacy Policy

GDPR DATA PRIVACY POLICY

Data Protection

This policy relates to the data protection and privacy practices which apply to Daniel Connal Limited Liability Partnership (“Daniel Connal Partnership”) and our website www.dcpsafetyandtraining.co.uk

Our aim is to protect our clients, employees and website users’ privacy whilst providing a personalised and valuable service. Collecting personal information is necessary if we are to satisfy the expectations and requirements of our users, i.e. to communicate and to enable an interactive service. In this policy we explain what information we collect, what we do with it and what controls you have.

All information provided to us will be managed sensitively and distributed in accordance with agreed protocols. Any personal information provided to us is treated in accordance with the Data Protection Act, the ICO registration number Z6027872 and our Privacy Policy.

Personal Identification Information

Any personal information such as name, postal address, telephone number and email address given to us may be used to provide a requested service in line with our contractual agreement, inform of and promote our services to those with a legitimate interest and/or to respond to an enquiry. This will not be disclosed to any other third party without your prior permission; unless we are required to do so by law.

Any non-personal information gathered via our website such as IP address, pages accessed, and files downloaded will only be used to determine how many individuals use our site, how many people visit on a regular basis, which pages are most popular, and which pages are least popular. This information doesn’t tell us anything about who you are or where you live, it is simply used to enable us to monitor and improve our service. Details can be found on our Cookies Policy.

How We Store and Protect Data

We are committed to protecting our employees, clients and users’ privacy. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration or destruction of personal data we store.

All client and project data is stored on a secure Content Management System.

All computers are protected against virus attacks and malware by ‘Sophos’ and ‘Mimecast’ security software which provides advanced email security, antivirus, antispam protection, TLS encryption, Data Leak Prevention, Documents Services and Attachment Management security software. We have a secure hardware firewall between our internal systems and the outside world. All devices and connections are password protected.

We have implemented an Ultimate Disaster Recovery Solution which is supported by our IT provider “Rio Ltd’’. Our Disaster Recovery Policy explains in more detail the safeguarding we have in place, a copy of which is available upon request.

Our website is SSL (Secure Sockets Layer) certified which keeps data secure between servers. Any enquiry/information entered through our website is encrypted.

We use cookies on our website. Cookies are tiny files that are downloaded to your computer, to improve your experience. Our Cookies Policy, available on our website, describes what information they gather, how we use it and why we need to store these cookies.

Project files and financial files are kept in accordance with the RICS recommendations for a maximum period of 15 years. Archive files are stored off-site in a secure fireproof warehouse.

We have continuous Cyber & Data Liability cover with Victoria Insurance Company Ltd.

We maintain a Personnel Data Register of our staff and job applicants. Information provided to us will be held for the period of their employment with us and 6 years thereafter for legal/reference purposes.

Information provided to us for Job Vacancies either directly, via our website or an agency will be retained for a period of two years should suitable opportunities become available during this period.

Other data protection practices we maintain are document shredding, secure locked personnel files with authorised key access only.

Sharing Personal Information Data

Certain projects may require us to share personal information data with third parties such as contractors, sub-contractors, insurers, photographers, recruitment agencies. This information will be shared as per the project requirements or individual basis and in prior agreement with you. Should you not wish for us to share this information please inform your Project Manager or in the case of employees, one of the Partners.

At times we may use third party service providers to help us operate our business and the site or administer activities on our behalf, such as sending out surveys and marketing emails. We use Create Send to manage email marketing subscriber lists and send email newsletters. Their privacy policy can be viewed at www.createsend.ie/privacy-policy

We also use social media – Facebook, Twitter and LinkedIn to share our practice news, industry updates, project updates, testimonials and case studies. Every effort will be taken to anonymise our social media updates, on the occasion that a reference has to be made this will be done with prior permission.

Staff Training

Staff with duties which include the handling of personal information are kept up to date on the importance of keeping information secure, the appropriate collection, use and deletion of client and employee data, the rules around disclosing information over the telephone and how to deal with requests from individuals for their personal information, through regular training and continuing professional development.

Marketing

We may contact individuals who have a legitimate interest in our business to inform of or promote our services. An opportunity to unsubscribe/opt-out of such communication will be provided with every email.

We may use a project as a case study, including client feedback/testimonials, photographs and video where available for marketing purposes via brochures, postcards, website and social media.

At times we may invite you to networking events. You will be provided with an opportunity to opt-out/ unsubscribe from further correspondence should you not wish to receive these invitations.

Links

Our website and emails may contain links to third party sites such as Twitter, Facebook and LinkedIn which we have no control over; if you visit those sites you should check you are happy with their own privacy policies and terms of use before providing any personal information. Additionally, if you linked to our website from a third party, we cannot be responsible for the privacy policies and practices of that third party site.

Consent

By using our services and website clients, staff and users consent to the collection and use of personal data in accordance with our Privacy Policy and Data Protection regulations. If you do wish to do so or have any questions relating to our Privacy Policy please let us know via our Contact Us page.

Scheduled Audit Date

Daniel Connal Partnership will review this Policy annually and as required.