This privacy policy applies to Centric HR’s website at www.centrichr.co.uk (the “Website”). We at Centric HR take your privacy seriously. This policy covers the collection, processing and other use of personal data under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”).

For the purpose of the DPA and GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to Sandra Berns at our address Centric HR Limited, Hawkesyard Hall, Armitage Lane, Armitage, Staffordshire WS15 1PU.

This privacy policy only applies to prospective clients who go through our website.  By using the Website, you consent to this policy.

Data protection principles 
In relation to your personal or company data, we will:

 

Types of data we process 
We hold only the data about you that you provide in your enquiry form, including, your personal details including your name, company address (home if this is where you work or have provided this to us as part of your enquiry), email address, phone numbers.

How we collect your data 
We collect data about you in a variety of ways and this will usually start when you provide us with your data to make an enquiry for our services. Personal data that you give to us on our enquiry forms is kept in cloud-based files within the Company’s HR and IT systems.

Information we collect and why we process your data
The law on data protection allows us to process your data for certain reasons only:

 

We will collect personal data on this Website only if it is directly provided to us by you, the user, e.g., your e-mail address, name, home or work address and telephone number, and therefore has been provided by you with your consent.   Normally you will only provide such details if you wish to sign up for our free e-newsletter, make an enquiry about our services or are making a purchase from us. All the processing carried out by us falls into one of the permitted reasons. Generally, we will rely on the first three reasons set out above to process your data. For example, we need to collect your personal data to respond to the queries you have raised with us and to enable us to respond to you or to carry out the contract that we have entered with you.

Personal information is any information that can be used to identify a living person. For example, members’ email addresses and website user stats. We also use analytical and statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data (but this data will not identify you personally). This monitoring is carried out through Google Analytics and they are a Data Processor.  For more information on Google’s Privacy Policy please go to Privacy Policy – Privacy & Terms – Google.

As you provide us with your information when completing our enquiry or application process you will be confirming that you have read this privacy policy and understand its content.  In providing your data to us, you are consenting to us holding and using your data in the ways we have detailed.  If you do not wish for us to continue to hold your data you can ask us to remove it at any time and we will do so.
Special categories of data 

 

Use of your information
We may hold and process personal data that you provide to us in accordance with the DPA and GDPR.  The information that we collect and store relating to you is primarily used to enable us to provide our services to you and to meet our contractual commitments to you.  In addition, we may use the information for the following purposes:

 

We work with third party partners who provide our marketing services and we may share your data with them in the interests of providing you with information for the services we offer.  This might include marketing materials, fact sheets or other useful information to help you run your business effectively.  Our partners are aware of their responsibilities in keeping data safe and their responsibilities to ensure the GDPR principles are adhered to.  We will only use your data for these purposes and we will check with you regularly to ensure you still wish for us to hold your data.  You can tell us at any time if you would like us to delete the data and we will do so.

Disclosure of your information
We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.  Where you have consented for us to do so, we may provide your data to selected third parties who may contact you about their goods or services that you may be interested in.  If you do not want us to use your data for our or third parties’ use, you must inform us of this by writing to us at centric HR Limited, Hawkesyard Hall, Armitage Lane, Rugeley, Staffs WS15 1PU, or sending us an email to enquires@centrichr.co.uk at any time.

Where we store and transfer your data
As part of the services offered to you, for example through our Website, the information you provide to us may be transferred to and stored in countries outside of the European Economic Area (EEA) as we use remote website server hosts to provide the website and some aspects of our service, which may be based outside of the EEA, or use servers based outside of the EEA – this is generally the nature of data stored in “the Cloud”.  It may also be processed by staff operating outside the EEA who work for one of our suppliers, e.g., our website server host, or work for us when temporarily outside of the EEA.

A transfer of your personal data may happen if any of our servers are located in a country outside of the EEA or one of our service providers is located in a country outside of the EEA. If we transfer or store your personal data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected, as outlined in this privacy policy and in accordance with the DPA and GDPR. If you use our service while you are outside the EEA, your personal data may be transferred outside the EEA in order to provide you with these services.

We do not ask for special category or sensitive personal data, such as race, religion, or political affiliations, without your explicit consent as we have no requirement for this data.

We may disclose your personal data outside of our group: (a) in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; and (b) if Centric HR’s business is bought by a third party, in which case personal data held by it about its customers will be one of the assets to transfer to the buyer.  However, any such transfer will only be on terms that the confidentiality of your personal data is protected and that the terms of this privacy policy will continue to be complied with by the recipient.

Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.

You have the right to opt out of our processing your personal data for marketing purposes by contacting us at enquires@centrichr.co.uk.

Security of your data
The transmission of information via the Internet or email is not completely secure.  Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk.  Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access where these are possible.

How long we keep your data for 
In line with data protection principles, we only keep your data for as long as we need it for or how long you permit us to have it.  Retention periods can vary depending on why we have  your data, as set out in our Data Retention Policy.

Third party links
You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.  If you click on one of the links any liabilities from that point will be the responsibility of the third party.

Use of cookies
We use cookies to gather information about your computer for our services and to provide statistical information regarding the use of our Website. Such information will not identify you personally – it is statistical data about our visitors and their use of our Website. This statistical data does not identify any personal details whatsoever. We may also gather information about your general Internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer, as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Website and the service that we provide to you. All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies; you may be unable to access particular parts of our Website. Where we work with advertisers on our Website, our advertisers may also use cookies, over which we have no control. Such cookies (if used) would be downloaded once you click on advertisements on our Website.

Automated decision making 
No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement) which has a significant impact on you.

Your rights 
Your rights in relation to your data
The law on data protection gives you certain rights in relation to the data we hold on you. These are:

 

Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact the Data Protection Officer on enquiries@centrichr.co.uk.

Making a complaint 
The supervisory authority in the UK for data protection matters is the Information Commissioner’s Office (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.

Changes to this privacy notice
We may update this policy to reflect changes to the website and customer feedback. Please regularly review this policy to be informed of how we are protecting your personal data.

We welcome any queries, comments or requests you may have regarding this Privacy Policy. Please do not hesitate to contact us at Centric HR Limited, Hawkesyard Hall, Armitage Lane, Armitage, Staffordshire WS15 1PU or enquires@centrichr.co.uk.

Version number: January 2021

Review Date: 3 years from publication or sooner if legislation changes.

Person responsible: Data Protection Officer