Data Protection and GDPR Policy Statement
This statement of policy is made by Xenon Services Ltd in accordance with the UK Data Protection Act 1998.
Xenon Services Ltd may be required to collect, process and store data which relates to its stakeholders, including our employees, customers, suppliers, etc, in order for the company to carry out its duties, rights and obligations. All information and data stored, is done so securely in accordance with the principles of the Data Protection Act 1998. The company may require to change it’s data protection procedures from time to time to continue to comply with changing legislation.
The information will be used primarily for personnel, administrative and payroll purposes, however there may be other requirements for data collection in association with the company’s business operations.
The company will adopt appropriate organisational and technical measures to prevent the unauthorised use of, unlawful processing or disclosure of data.
Personal Employee Data
We may require, in the case of our employees, to collect personal data, this may include:
- Name, Address, Next of Kin, Date of Birth;
- Job Title or Profession;
- Contact Telephone Number(s) or Email Address;
- Bank Information;
- Health Conditions;
- Any Alleged Offences and/or Criminal Convictions.
Some of this data is classed as “sensitive personal data”. This may include information relating to racial or ethnic origin, trade union membership, physical or mental health or existing medical conditions, and any alleged offences and/or criminal convictions.
Employees applying for a job at Xenon Services Ltd will be asked to provide/confirm their personal and/or sensitive personal data as required. By providing this information, the employee will allow consent to Xenon collecting, processing and storing this information.
Other Stakeholders Data
We will require to process customer information which includes their address, contact information (including key contacts, telephone numbers, emails), site specific information etc. We are committed to ensuring that your information is secure. We have put in place company procedures to ensure that your information is held securely and safeguarded at all times.
We may occasionally send out promotional literature or information on new services or products which we think you may find interesting. We may also send out information on changes in legislation which may affect the services we, or our sub contractors provide to our customers. We may contact you by email or, telephone for such purposes.
Cookies and Website
Other than for the operation of our ‘callback request form’, the company’s website does not capture any personal information or data. The information captured on the callback request form is sent in the form of an email which is received by the Business Director to respond as per the enquiry. The information held within the email will be held for no longer than 3 months, unless the nature of the initial enquiry becomes a confirmed contract or job, in which case information will be held on the job file which you can request to access personal information from under the terms of the Data Protection Act 1998. Information may be requested by emailing us with the title ‘Request for Information Under the Data Protection Act’ providing clear instruction in the information required. The company will charge a fee of not more than £10.00 for each information request made.
The company’s Data Protection Policy Statement only covers the information captured within this website. It does not cover any information captured by links from this website to other third party websites and therefore we cannot be responsible for the protection and privacy of any information which you provide whilst visiting a third party site. You should always exercise caution and check the privacy statement applicable to the website in use.
Disclosure of Data
The company handles all data in compliance with the Data Protection Act 1998. We recognise the importance of correct and lawful processing and therefore the data you provide will only be used for Xenon’s purposes, and only where necessary will be forwarded to a third party to comply with legislation, to enforce policies, protect our, or other’s, property or safety (eg HMRC; the pension provider, senior managers/Directors of the Company; enforcement agencies or relevant authorities). The company do not sell, trade or transfer information to external parties.
Disclosure of some personal data may also be made to other entities not identified above where it is a legal requirement to do so. This will only ever be done in accordance with the Act. Your consent will be sought where necessary. The company will retain your personal data as long as necessary for the purposes described above. After termination of your employment Xenon Services Ltd are required to hold your personal data for a period of time to satisfy statutory/legal obligations or for administrative purposes.
Rights under the Data Protection Act
Where the Act classifies you as a ‘Data Subject’, you have a number of rights under the Act. This includes the right to:
- Access the personal data the company holds about you;
- Have inaccurate data corrected by the company;
- Prevent the processing of information which may cause you harm or distress;
- Prevent unsolicited marketing;
- Prevent automated decision-making.
More information on your rights is available at: www.ico.org.uk
Further Information on Data Protection
You can find more information on Data Protection from the Information Commissioner’s Office at www.ico.org.uk
GDPR Changes and How the Company are Approaching This
The General Data Protection Regulation (GDPR), is a Regulation which the European Parliament, Council of the European Union and European Commission intend to use to strengthen and unify data protection for all individuals within the European Union. This new Regulation will be enforced from 25 May 2018. We are aware of our company and shared responsibilities and are committed to ongoing compliance with GDPR.