Please read this policy carefully as it contains important information on who we are and what we do, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities in the event that you would like to report a concern about the way in which we process your data.
If you have any queries about this Policy, the way in which The Peacock HR Consultancy processes personal data, or about exercising any of your rights, please send an email to firstname.lastname@example.org
Who we are and what we do
Our core business is HR advice and consultancy services to our clients mainly employers who may include:
- registered Companies and SME’s.
- general further education and sixth form colleges.
- schools, pre- nursery sand special schools.
- charities, private training providers.
- private schools and colleges
- other relevant prospective employers and individuals.
(the ‘Core Business’)
In support of our Core Businesses we may also provide the following services:
Training and apprenticeship advice
Occupational Health Services
Health and Safety assessments and advice
Behaviour profiling/psychometric testing,
Training Workshops e.g. team leadership
We collect information about you or your staff to carry out our Core Business
The Peacock HR Consultancy owns and operates http://peacockhrconsultants.co.uk (Website). This policy, sets out the basis on which the consultancy processes personal data.
What is covered in this document?
This document explains how we collect and use personal information about you. For the purposes of this document ‘you’ refers to:
- Private individuals who seek advice and our services
- Private individuals who are or were formerly working for our current or former clients (employers), as further explained below under ‘Who we are and what we do’
What personal data do we collect?
We may collect and process the following personal data:
Information you provide to us
- complete a form on our website
- send your personal details to us via our website, upload form or email
- correspond with us by phone, e-mail, or in writing about an employee
- report a problem and seek advice mainly employees
- sign up to receive our newsletter/communications
- enter into a contract with us to receive products and/or services
- supply information on your current employees or former employees
Depending on the nature of our relationship with you, the information you give us or we collect about you or your employees may include names; addresses; private and corporate e-mail addresses; phone number(s); records of payments owed/paid to you including salaries; compliance documentation (including health and criminal convictions checks); health records, age/date of birth; gender/gender identity, relevant qualifications and experience, a range of general correspondence and this may include tables and data spreadsheets.
Sensitive personal data
In certain limited cases, we may collect certain sensitive personal data from you (that is, information about employees’ racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences, or genetic or biometric data).
How do we use your personal data?
When we ask you to supply us with personal data it is clear the personal data we are asking for must be supplied so that we can provide the services to you or an employer.
Contract performance: we may use your personal data or data about your staff to fulfil services, or take steps linked to our service contract:
- to provide the services to you
- to communicate with you in relation to the provision of the contracted services
- to provide you with professional support such responding to issues
Legitimate interests: where this is necessary we communicate with third parties. These interests are:
- communicating with you or your staff in relation to occupational health reviews
- communicating with you or your staff in relation to your payroll and pension supplier
- communicating with agencies and legal firms with regard to claims and disputes
Your personal data or that of employees is not passed on to third parties for marketing purposes or for the distribution of newsletters or surveys.
Who do we share your personal data with?
We take all reasonable steps to ensure that our staff protect your personal data and are aware of their information security obligations. We limit access to your personal data to those who have a genuine business need to know it.
We may share your personal data with trusted third parties including:
- health professionals where appropriate
- legal and other professional advisers, consultants, and professional experts
- service providers contracted to us in connection with provision of the products and services such as providers of payroll, pensions and other management services
We will ensure there is privacy in place with the categories of recipients listed above which include obligations in relation to the confidentiality, security, and lawful processing of any personal data shared with them.
There is no a third party recipient located outside the European Economic Area.
How long will you keep your personal data?
We understand our legal duty to retain accurate data and only to retain personal data for as long as we need it to fulfil the purposes we collected it for. Accordingly, our data retention policy to remove data is every 7 years. However, at a request form an individual or client, data will be removed or deleted and / or destroyed.
Where do we store your personal data and how is it protected?
We take reasonable steps to protect your personal data from loss or destruction with all electronic data encrypted, passworded and paper files secure. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Automated decision making
We do not undertake automated decision making or profiling.
Under the GDPR, you have various rights with respect to our use of your personal data:
- Right to access. You have the right to request a copy of the personal data that we hold about you by contacting us at the email given below if you are an individual or through your employer. Please include with your request information that will enable us to verify your identity. We will respond with 30 days of request. Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information or if your request is manifestly unfounded or excessive.
- Right to rectification. You have the right to request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Right to erasure. You have the right to request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it or for it to be transferred to your employer.
- Right to object. You have the right to object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Right to restrict processing. You have the right to request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Right to data portability. You have the right to request the transfer of your personal information to another party for example your employer.
If you have any queries about this policy, the way in which The Peacock HR Consultancy processes personal data, or about exercising any of your rights, please send an email to email@example.com
If you believe that your data protection rights may have been breached, and we have been unable to resolve your concern, you may lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts. Please visit https://ico.org.uk/concerns/ for more information on how to report a concern to the UK Information Commissioner’s Office.
Changes to our Policy
Any changes we may make to our policy in the future will be posted on our web site.
25th May 2018