Privacy Policy

CLIENT PRIVACY STATEMENT

Sweeting HR Ltd is a company registered in England and Wales. We provide bespoke HR services to SME businesses.

Overview
Maintaining the security of your data is a priority and we are committed to respecting your privacy rights. We will handle your data fairly and legally at all times. We are also committed to being transparent about what data we collect about you and how we use it.

This policy which applies to whatever interaction you have with us provides you with information about:

• How we use your data
• What personal data we collect
• How we ensure that your privacy is maintained
• Your legal rights relating to your personal data

 

How We Use Your Data

Sweeting HR and also our trusted partners acting on our behalf may use your personal data for the following reasons:

• To provide services to you
• To make a tailored website available to you
• To manage any accounts that you hold with us
• To verify your identity
• For crime and fraud prevention, detection and related purposes
• With your agreement to contact you electronically about any promotional offers/products and services we think may interest you
• For market research purposes, to help understand your needs
• To enable interactions between us and you
• Where we have a legal right or duty to use or disclose your information (e.g. in a legal dispute)

 

Promotional communications
We use your data for electronic marketing purposes (with your consent) and may send postal mail to update you with our latest offers. We only aim to update you on products and services which are of interest and relevance to you as an individual. You have the right to opt out of receiving promotional communications at any time by contacting us via the contact details set out in this policy

 

Sharing data with third parties
Our service providers and suppliers

In order to make certain services available to you we may need to share your personal data with some of our service partners including IT providers.

We only allow our service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security which means that they can only use your data to provide services to us and you and for no other purpose.

 

Other third parties
Aside from service providers we will not disclose your personal data to any third parties, except as set out below and we will never sell or rent our customer data to other organisations for marketing purposes.

We may share data with:
-credit reference agencies where necessary for card payments
-government bodies, regulators, law enforcement agencies, courts/tribunals and insurers where required to do so:
-to comply with our legal obligations
-to exercise our legal rights
-for the prevention, detection, investigation of crime or prosecution of offenders
-for the protection of our employees and customers

 

How long do we keep data?
We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 6 years.

 

What Personal Data We Collect

We may collect the following information about you:
• Your name, age/date of birth and gender
• Your contact details – postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and email addresses
• Purchases and orders made by you
• Your on line browsing activities on the website
• Your password (s)
• When you make a purchase or place an order, your payment card details
• Your communication and marketing preferences
• Your location
• Your interests, preferences and feedback
• Your correspondence and communications
• Other publicly available personal data (including any which you have share via a public platform (such as a twitter feed or public Facebook page)

 

Our website(s) are not intended for children and we do not knowingly collect data relating to children. This list is not exhaustive, and, in specific instances, we may need to collect additional data for the purposes set out in this Policy.

Some of the above personal data is collected directly, for example when you set up an on-line account on our websites or send an email to our customer services team. Other personal data is collected indirectly, for example your browsing or shopping activity.

We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

 

How We Protect Your Data
Sweeting HR is committed to keeping your personal data safe and secure.

Our security measures include: -
- encryption of data;
- regular cyber security assessments of all service providers who may handle your personal data;
- regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
- daily penetration testing of systems;
- security controls which protect our IT infrastructure from external attack and unauthorised access; and
- internal policies setting out our data security approach and training for employees.

 

What You Can Do To Protect Your Data

We will never ask you to confirm any bank account or credit card details via email. If you receive an email claiming to be from us asking you to do so, please ignore it and do not respond.

If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.

In addition, we recommend that you take the following security measures to enhance your online safety:
- keep your account passwords private. Remember, anybody who knows your password may access your account.
- when creating a password, use at least 8 characters. A combination of letters and numbers is best. Do not use dictionary words, your name, email address, or other personal data that can be easily obtained. We also recommend that you frequently change your password. You can do this accessing your account, clicking ‘your account’, clicking ‘your data’ and selecting ‘change password’.
- avoid using the same password for multiple online accounts.

 

Your Rights
You have the following rights:
- the right to ask what personal data that we hold about you at any time);
- the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
- (as set out above) the right to opt out of any marketing communications that we may send you.

If you wish to exercise any of the above rights, please contact us using the contact details set out below.

 

Legal basis for Sweeting HR processing client’s personal data
General
Sweeting HR collects and uses clients’ personal data because is it necessary for:
- the pursuit of our legitimate interests (as set out below);
- the purposes of complying with our duties and exercising our rights under a contract for services to a client; or
- complying with our legal obligations.

In general, we only rely on consent as a legal basis for processing in relation to sending direct marketing communications to customers via email or text message.

Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.

 

Our legitimate interests

The normal legal basis for processing customer data, is that it is necessary for the legitimate interests of Sweeting HR, including: -
- selling and supplying services to our customers;
- protecting customers, employees and other individuals and maintaining their safety, health and welfare;
- promoting, marketing and advertising our products and services;
- sending promotional communications which are relevant and tailored to individual customers;
- understanding our clients’ behaviour, activities, preferences, and needs;
- improving existing products and services and developing new products and services;
- complying with our legal and regulatory obligations;
- preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
- handling customer contacts, queries, complaints or disputes;
- protecting Sweeting HR, its employees and clients, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us;
- effectively handling any legal claims or regulatory enforcement actions taken against Sweeting HR; and
- fulfilling our duties to our clients, colleagues, shareholders and other stakeholders.

 

Contact Information
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:

- phone us on:  01253  987100
- e-mail us at: info@sweetinghr.co.uk
- write to us at: Sweeting HR. 2 New Media House, 8 Hardhorn Road, Poulton le Fylde, FY6 7SR

 

You have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at https://ico.org.uk.