This policy was last updated on 2 May 2018
FPS Group privacy principles
FPS Group is committed to safeguarding the privacy of your information. By 'your information' we mean any information about you that you or third parties provide to us.
- We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
- We will be transparent in our dealings with you and will tell you about how we will collect and use your information.
- If we have collected your information for a particular purpose, we will not use it for anything else unless you have been informed and, where relevant, your permission obtained.
- We will not ask for more information than we need for the purposes for which we are collecting it.
- We will update our records when you inform us that your details have changed
- We will continue to review and assess the quality of our information
- We will implement and adhere to information retention policies relating to your information, and will ensure that your information is securely disposed of at the end of the appropriate retention period.
- We will observe the rights granted to you under applicable privacy and data protection laws, and will ensure that queries relating to privacy issues are promptly and transparently dealt with.
- We will train our staff on their privacy obligations.
- We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held.
- We will ensure that when we outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with these Privacy Principles.
- We will ensure that suitable safeguards are in place before personal information is transferred to other countries.
If you are not satisfied with our response you can contact the Isle of Man Information Commissioner by visiting https://www.inforights.im/ or at Office of the Isle of Man Information Commissioner, First Floor, Prospect House, Prospect Hill, Douglas, Isle of Man, IM1 1ET.
The types of information we collect
FPS Group collects and processes personal data and sensitive personal data about its current, past or prospective staff and others who are defined as data subjects under the Data Protection Act. This information is normally initially provided to FPS Group by a prospective member of staff on an application form and is added to by FPS Group over the course of employment.
Where you provide information about others (for example ‘referring a friend’) you must ensure that you have their consent or are otherwise entitled to provide this information to us The personal information that we may collect includes:
Personal data is data relating to a living individual who can be identified from that information or from that data and other information in FPS Groups possession (for example: name, address, telephone number, Job title, department, employment start date, hours worked, salary, marital status, date of birth, nationality, tax reference number, tax code, Ni Number, car model and registration, bank details, emergency contact details and death in service benefit details). It can also include expressions of opinions about an individual.
Sensitive Data relates to religious beliefs, health (including information about disabilities, and doctors details), and, criminal convictions.
Use and disclosure of personal data
Personal data received by FPS Group is used only for the following purposes:
- Managing Human Resources processes such as recruitment, payment of salaries and pensions, performance management, and training and development
- Providing facilities such as the IT service, and car parking provision
- Monitoring equal opportunities
- Preventing and detecting crime.
- Provide information about Company news and updates via our intranet
- To enforce compliance, or contractual obligations of FPS Group
- To comply with any legal requirements
- To provide employee benefits, such as death in service, and FPS Connect.
- To prosecute and defend a court, arbitration, or similar legal proceeding.
- To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- When we believe it is appropriate to do so to protect the rights, property, or safety of our company or other persons.
FPS Group processes sensitive personal data for a number of administrative purposes:
- Managing Human Resources processes such as administering Sick Pay and Sick Leave schemes, managing absence, administering Maternity Leave and related pay schemes
- Managing a safe environment and ensuring fitness for work
- Managing obligations under Equal Opportunities legislation
- Provision of occupational health and wellbeing services to individuals
Personally identifiable information collected by FPS Group is not used for purposes unrelated to the purpose for which the information was originally collected.
You may at any time tell us you:
- would like to review, update your Personal Information from FPS Group’s Database, please refer to the “Reviewing or Updating Your Personal Information” Section;
- would like to remove your Personal Information from FPS Group’s Database, please refer to “The right to be forgotten” Section.
Please refer to the electronic communications policy.
Security and integrity of personal data
FPS Group endeavours to protect the data from unauthorised access or disclosure; to maintain data accuracy and completeness; and to ensure the appropriate use of information.
Security measures – including firewalls, encryption and intrusion detection technology, back up procedures, external audits and encryption – are employed by FPS Group to reduce vulnerabilities to security and privacy threats. Unique passwords and usernames are also required to log into the restricted interactive area.
All members of staff are subject to strict confidentiality clauses in their contracts of employment. Access to personal or sensitive data is restricted to authorised employees.
Access to personally identifiable information
Under applicable Data Protection Laws, data subjects may have the right to access the personal data held by FPS Group in relation to them and to request that inaccuracies be amended or updated.
Individuals who wish to exercise such rights should contact FPS Group. Any requests to access or amend personally identifiable information will be subject to rigorous ‘vetting procedures.
These rights are known as Subject Access Request and must be made to FPS Group in writing, detailing the information that you require; please refer to contact details section.
Reviewing or updating your personal information
At the start of your employment with FPS Group you will be provided with a unique Visual login name and password. The area provides you access to your Personal Information, which you can review. Any Personal Information changes must be emailed to the HR Manager. If you are unable to gain access to Visual for whatever reason please contact the HR Manager. Alternatively you can request any changes in writing to FPS Group, Human Rescourses, Administration Centre, Ramsey, UK, IM8 1GB.
Right to be forgotten
If you would like to remove your Personal Information from our database please contact please using the “Contact Us” details below. Please note that your Personal Information is required to be kept by law for 7 years following end of relationship.
If for any reason, we are unable to act in response to a request for erasure, we always provide a written explanation to the individual and inform them of their right to complain to the Supervisory Authority and to a judicial remedy. Such refusals to erase data include:
- Exercising the right of freedom of expression and information
- Compliance with a legal obligation for the performance of a task carried out in the public interest
- For reasons of public interest in the area of public health
- For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing
- For the establishment, exercise or defence of legal claims
Right to data portability
You can request your Personal Data that you have provided to be transferred to another data controller by providing the data controllers details by contacting us through one of the methods described in our “Contact Us” section.
Please note that such requests may take up to one (1) month. FPS Group will provide the personal data in a structured, commonly used and machine readable form, such as csv and will transfer using a secure method.
01624 818 300 (00 44 1624 818 300 from overseas)
Data Protection Officer
Freelance Professional Services Limited