Catering Temps Ltd is GDPR Ready
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect. GDPR regulates the governance of personal data for European Union (EU) citizens, with a strong emphasis on data security and privacy. This regulation applies not only to companies operating within the EU but also to those outside the EU if they handle the personal data of EU citizens or have EU-based clients.
At Catering Temps Ltd, information security and data privacy are core to our operations, and we recognize the importance of upholding the new regulations that advance the security and privacy of EU citizens’ data. We are fully committed to ensuring our readiness for GDPR compliance.
In alignment with GDPR, we will soon distribute updated customer contracts that reference our revised terms and conditions, clearly outlining our obligations under this regulation.
Below is our new privacy policy, which also identifies the person responsible for data protection at Catering Temps Ltd.
Privacy Overview
The GDPR, effective as of May 25, 2018, regulates the handling of personal data for EU citizens with a focus on security and privacy. This regulation applies globally to any company that processes data of EU citizens or has clients in the EU.
Catering Temps Ltd prioritizes information security and data privacy as the foundation of our operations. We are dedicated to maintaining GDPR compliance and protecting the data of our clients and candidates.
How We Handle Customer Privacy
This document provides an overview of how we manage privacy, including:
- The types of information we collect
- How we collect and use it
- Who we might share it with
- The steps we take to ensure it remains private and secure
- Your rights regarding your information
Who We Are
When we refer to ‘we’, ‘us’, or ‘our’, we mean Catering Temps Ltd, the ‘data processor’ for the information in this document. ‘You’ or ‘customer’ refers to the clients or candidates to whom we provide services. The data controller is the entity or individual responsible for deciding how your information is used. ‘Customer data’ refers to files and documents owned by the client or candidate.
The Information We Collect
We collect information from various sources, including:
- Directly from our clients and their employees
- Directly from candidates
- Publicly available sources
- Information we generate ourselves
- Other organizations
- Government bodies like HMRC
We collect information in compliance with relevant laws and regulations, which may pertain to any of the services or products our clients and candidates inquire about, receive, or have received in the past.
Our clients and their data controllers are responsible for providing accurate and up-to-date information.
Types of Data We Process
Depending on the services chosen by our clients and candidates, we process the following personal data on their behalf:
- First Name
- Last Name
- Mailing Address
- Email Address
- Business Phone
- Mobile Phone
- Home or personal phone
- Candidate payroll details
- Candidate CVs
- Candidate Identification
How We Use the Information
We use this information to provide the services our clients request, and for other purposes including:
- Verifying identity and address
- Understanding how our clients use our services
- Carrying out client instructions and delivering services
- Improving our services
- Processing payments
- Offering additional services that may benefit our clients, unless they request otherwise
We only use client information where permitted by law, such as fulfilling a contract, complying with a legal obligation, pursuing legitimate business interests, or with client consent.
What We Do to Ensure Your Information is Safe
Any third-party suppliers with whom we share personally identifiable information have committed to GDPR compliance.
When selecting new suppliers, we prioritize those who have achieved certifications such as ISO27001, Cyber Essentials, Privacy Shield, or who can demonstrate adherence to high privacy and security standards.
Some of the measures we take include:
- Encrypting all devices used to store information
- Providing GDPR readiness training for our staff
Who We Share Your Information With
We may share client information with partner companies involved in service provision. Clients may request a list of the suppliers we use for processing personal data. We do not share client information with third parties outside of what is necessary to provide or improve our services, applying the same standards to all suppliers.
How Long We Keep Information
We retain client information and data for as long as the client maintains a relationship with us. After the relationship ends, we keep it for a predefined period to meet legal and legitimate business purposes, such as responding to queries, combating fraud, and complying with requests from regulators.
Retention Periods:
| Data Type | Summary | Retention Period | Reason for Retention |
|---|---|---|---|
| Client Information | Business address, email addresses, passwords, contact details, and personal contact details when provided. | 72 months | Compliance with laws regarding contractual agreements and invoicing. |
| Candidate Data | CVs, Temp Pack information including bank details, personal addresses, email addresses, phone numbers, ID, HMRC data, payroll data, pension data. | 72 months | Compliance with Money Laundering regulations, HMRC requirements, and accounting practices. |
Catering Temps Ltd’s Commitment to GDPR Compliance
As of May 25, 2018, the General Data Protection Regulation (GDPR) from the European Union has set the standard for managing personal data with a focus on security and privacy. This regulation isn’t just relevant to companies within the EU; it also affects businesses worldwide that handle the data of EU citizens or have clients in the EU.
At Catering Temps Ltd, we have made data privacy and information security a top priority in our operations. We understand the significance of these regulations and are dedicated to full compliance with GDPR requirements.
To ensure alignment with GDPR, we will soon be sending out updated customer contracts that include our revised terms and conditions, which outline our responsibilities under this regulation.
Overview of Our Privacy Practices
The GDPR emphasizes the protection of personal data for EU citizens, and Catering Temps Ltd is fully committed to upholding these standards. Below is a summary of how we handle privacy:
- Information Collection: We gather data directly from our clients and candidates, as well as from public sources, our own records, and other organizations, including government bodies like HMRC.
- Usage: We use this data to provide services, verify identities, improve our offerings, and process payments. We also use it for legal obligations and legitimate business interests.
- Sharing: Data is shared only with trusted partners essential to service delivery, and all partners are committed to GDPR compliance.
- Security Measures: We protect your data through encryption, staff training, and working with certified data security partners.
About Us
In this document, ‘we’, ‘us’, or ‘our’ refers to Catering Temps Ltd, which acts as the data processor. The term ‘you’ or ‘customer’ applies to the clients or candidates we serve. The responsibility for how your information is used lies with the data controller, while ‘customer data’ includes any files and documents owned by the client or candidate.
What Information Do We Collect?
We collect a range of information necessary to provide our services, including:
- Client and candidate names
- Mailing and email addresses
- Business and personal phone numbers
- Payroll details, CVs, and identification documents
This information is collected in compliance with legal regulations and is essential for the services we offer.
How We Use Your Information
Your information is utilized to:
- Verify identities and addresses
- Understand service usage
- Execute client instructions and deliver requested services
- Enhance our service offerings
- Process financial transactions
- Recommend additional services that could benefit you, unless you prefer not to receive these suggestions
We ensure that your data is used only in ways that are legally permitted, such as fulfilling contracts, complying with legal obligations, or pursuing legitimate business interests.
Protecting Your Information
To safeguard your personal data, we have implemented several measures:
- Encryption: All data stored on our devices is encrypted.
- Staff Training: Our employees receive training to ensure GDPR readiness.
- Certified Partners: We work with data security providers who are accredited, such as those with ISO27001 certification, ensuring the highest standards of protection.
- ICO Registration: Catering Temps Ltd is registered with the Information Commissioner’s Office (ICO) under reference A8297053, and we follow all applicable rules and guidelines.
Data Sharing and Retention
We may share your information with carefully selected partners who assist in delivering our services. You can request a list of these partners at any time. We do not share your information with any third parties beyond what is necessary to fulfill or improve our services.
Retention Periods: We retain your information for as long as you have an active relationship with us, plus an additional period afterwards, as required for legal and business purposes.
| Data Type | Description | Retention Period | Reason for Retention |
|---|---|---|---|
| Client Information | Includes business and personal contact details, contracts, and invoices. | 72 months | Compliance with legal requirements for contract and invoicing records. |
| Candidate Data | Includes CVs, bank details, contact information, ID, and payroll data. | 72 months | Compliance with regulations such as money laundering laws and HMRC requirements. |
Your Rights and Contact Information
As our client or candidate, you have rights regarding your data. You can request access to your data, ask us to correct or update it, or object to its processing. For any concerns or to exercise your rights, please contact us.
If you believe your data has been handled improperly, you can lodge a complaint with the ICO by calling 0303 123 1113 or visiting their website.
Data Protection Officer: