Client privacy notice
This notice explains when and why we collect personal information about you; how we use it, the conditions under which we may disclose it to others and how we keep it secure. Clients should read this notice alongside our general terms and conditions and terms of engagement.
Through the course of the services we provide, Uform collects, processes and stores personal data and on occasion sensitive personal data. We are what is known as the ‘data controller’ of the personal information you provide to us.
What personal information we need
The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you.
There are two types of personal data (personal information) that you may provide to us:
- Personal data: is the general information that you supply about yourself – such as your name, address, gender, date of birth, contact details, financial information etc.
- Sensitive personal data: is, by its nature, more sensitive information and may include your racial or ethnic origin, religion, sexual orientation, political opinions, health data, trade union membership, philosophical views, biometric and genetic data.
In some cases personal data requested will be limited to basic information and information needed to complete ID checks. However some of the work we do may require us to ask for more sensitive information.
Sources of information
Information about you may be obtained from a number of sources; including:
- You may provide the information about yourself
- You may provide information relating to someone else – if you have the authority to do so
- Information may be passed to us by third parties in order that we can undertake work on your behalf. Typically, these organisations can be:
- Third-party agencies
- Financial Organisations
Why we need your personal information
The primary reason for asking you to provide us with your personal data, is to allow us to carry out the work you have requested us to do on your behalf – which will ordinarily be for commercial purposes, ie to allow us to sell our products and services to you.
The following are some examples, although not exhaustive, of what we may use your information for:
- Verifying your identity
- Communicating with you
- Selling our products and services to you
- Keeping financial records of transactions relevant to your contract
We may use your personal information for legitimate interests such as direct marketing or under reasonable expectation to provide you with information you would expect to receive or that would benefit and enhance our relationship. This information will help us review and improve our products, services and offers.
Who has access to your information?
We have a data protection policy in place to oversee the effective and secure processing of your personal data. We will not sell or rent your information to third parties or share your information with third parties for marketing purposes.
Your appointed Area Sales Manager, Key Account Manager or / BDU Assistant and Credit Controller will have access to your personal information in addition to any support and administrative staff assigned to undertake work in relation to your organisation. Depending on the nature of the work we are carrying out on your behalf, we may also need to disclose some information to third parties; for example:
- Potential candidates, new employees
- Contracted Suppliers
- External auditors
- Bank or Building Society; or other financial institutions
- Insurance Companies
- Providers of identity verification
- Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
- If there is an emergency and we think you or others are at risk
In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.
There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.
How do we protect your personal data?
We recognise that your information is valuable and we take all reasonable measures to protect it whilst it is in our care.
We have robust standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal staff and external parties are required to protect confidentiality of all client information; to ensure all personal data is handled and processed in line with our data protection policy.
How long will we keep personal information for?
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us.
What are your rights?
In certain circumstances, you have rights under data protection laws in relation to your personal data, as set out below. If you wish to exercise any of the rights set out below, please contact us using the contact details at the end of this privacy notice. We may not have to comply with your request but we would explain why if we believe we are entitled to refuse.
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal datafor direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
If you do not wish us to continue to contact you in this way, you can either follow the unsubscribe instructions on any of our email communications to you or contact us by emailing firstname.lastname@example.org with your name and email address. You will be opted-out of our email list immediately. Once unsubscribed, you may still receive transactional emails from various individuals within our business regarding your ongoing work with us. You can also choose to opt back in to our main email list at any time in the future. To do this, please email your opt-in request to email@example.com
Complaints about the use of personal data
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Lead who will investigate further. Our Data Protection Lead, Patrick Farren can be contacted by emailing firstname.lastname@example.org or you can make your complaint in writing and send to the postal address listed below:
Uform, Creagh Industrial Estate, Hillhead Road, Toomebridge, Co.Antrim, BT41 3UF
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Any questions regarding this notice and our privacy practices should be sent by email to email@example.com
Changes to this Privacy Notice
We reserve the right to update this privacy notice at any time.