PMC Construction and Development Services Ltd is a registered data controller and processor (registration no. Z1495584).
We comply with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) which became enforceable on 25th May 2018.
The nature of our work is construction and general business and we use personal information to enable us to promote our goods and services, to maintain our accounts and records, and to support and manage our staff.
Type / Classes of Information Processed
We process information relevant for the nature of our work. This may include:
- Personal details
- Financial details
- Employment and education details
- Goods or services provided
We also process sensitive classes of information that may include:
- Physical or mental health details
- Trade union membership
Who the information is processed about:
- Customers and clients
- Suppliers and service providers
- Advisers, consultants and other professional experts
- Complainants and enquirers
We do not use any information for automated decision making or profiling.
Where Information is Sourced From
Direct correspondence with individuals or organisations in the normal course of running our business.
Who the Information May be Shared With
We sometimes need to share the personal information we process with individuals themselves and also with other organisations. Where this is necessary we are required to comply with all aspects of the GDPR. Where necessary we share information with the following types of organisations or individuals:
- Family, associates and representatives of the person whose personal data we are processing
- Employment and recruitment agencies
- Current, past and prospective employers
- Educators and examining bodies
- Central Government
- Credit reference agencies
- Suppliers and service providers
- Debt collection and tracing agencies
- Financial organisations
How We Keep Information Secure
We take appropriate steps to make sure that the personal information we hold (on paper and electronically) is kept secure and only used by people who have a right to see it. Our security measures include encrypting personal data and equipment, system access controls and training in data protection for all staff. Where another company or organisation processes personal information on our behalf, they will only process personal information in line with our instructions and are obliged to provide security assurances to us and to certain regulatory bodies.
Data Retention Period
We may retain data for differing periods of time for different purposes as required by law or best practice. We incorporate these retention times into our processes and manuals. Other statutory obligations, legal processes and enquiries may also necessitate the retention of certain data. We may store some data such as photographs, achievements, past project details indefinitely in our archive.
When you visit our website, there is certain information that is recorded which is generally anonymous information and does not reveal your identity. If you are logged into your account some of this information could be associated with your account. Specifically the details listed below:
- Your IP address or proxy server IP address
- The domain name you requested
- The name of your internet service provider is sometimes captured depending on the configuration of your ISP connection
- The date and time of your visit to the website
- The length of your session
- The pages which you have accessed
- The number of times you access our site within any month
- The file URL you look at and information relating to it
- The website which referred you to our sites
- The operating system which your computer uses
Individuals Have the Following Rights
- The right of access to personal data
- The right to rectification of personal data held where it is incorrect or incomplete
- The right of erasure of personal data (“right to be forgotten”) if certain grounds are met
- The right to restrict / suspend processing of personal data
- The right to complain to a supervisory authority
- Additional rights that may apply in certain instances:
- Right of data portability (if processing is based on consent and automated means)
- Right to withdraw consent at any time (if processing is based on consent)
- Right to object to processing (if processing is based on legitimate interests)
- Right to object to processing of personal data for direct marketing purposes
The Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Address: PMC Construction and Development Services Ltd, 80A High Street, Cosham, Hampshire, PO6 3FL
Phone: +44 (0)2392 696025
Review of Data Protection Policy
This policy is subject to regular review and will be updated as necessary to reflect any changes in our operational activities, best practice in data management, security and control and to ensure compliance with any changes or amendments made to applicable law.
In the event that an individual is not satisfied with the way in which we are processing their personal data, they have the right to make a complaint with the Information Commissioner’s Office.
Approval for this Policy
This policy has been approved by the Board of PMC Construction & Development Services Ltd.
Date: April 2022