“Personal information” is any information that can be used to identify a specific person as an individual. Information which Sycamore House processes and which falls under this definition includes first names, surnames, e-mail addresses, telephone and mobile telephone numbers and where a project requires it, other personal identifiers such as national insurance number, date of birth, gender, ethnicity or postal address.
We collect and retain personal information when a client or prospective client contacts us, when we purchase goods or services or when we meet other professionals for example in a networking setting when contact information is provided with express or implied permission to make later contact.
Where a client asks us to carry out a project or activity on their behalf and this involves processing data about others – for example their own clients or their employees - we will process information as directed by the client in accordance with their policies provided the instructions are compliant with prevailing data protection legislation and do not contravene the letter or spirit of our policy.
We will not retain personal information for longer than it is necessary for us to do so. For business contacts, we retain your information for no more than two years after the last contact with you. This could be the end date of a project, the date of the last invoice submission or could be from the last time you have contacted us. We will delete or destroy information no longer required. Paper records will be destroyed by shredding. You can ask us at any time to let you know what information we hold about you. If you believe the information is false, you can ask us to correct it. You can ask us to delete information we hold about you and your request will be complied with provided we are not required to retain such information for a particular reason – for example by law.
The exception to this is that we will retain a list of those who have opted out solely for the purpose of ensuring that we do not include them in future correspondence. The personal information retained in these instances will be as minimal as possible to ensure we have identified the correct individual.
Information retained in paper form is kept in a locked filing cabinet. Electronic information held on computers is retained on equipment which is password protected, with an up-to-date firewall and with the latest security patches. We do not retain information on the cloud, except when specifically requested to do so by you for your purposes.
We will not share personal information outside the directors and associates of Sycamore House HR Solutions without your express permission except when required by law to do so or so that we can enforce or apply our rights or terms and conditions under an agreement or to professional advisors to give us advice to protect our legitimate interests.
Sycamore House HR Solutions is registered as a data controller with the Information Commissioner’s Office (ICO) under the Data Protection Act 1998 – registration number ZA340696. If you wish to contact us regarding your data, please e-mail lynnepritchard@sycamorehouse.co.uk.
We will monitor developments from the ICO and will review and update this policy in light of those developments where appropriate.