Group Urban LTD understand that your privacy and the security of personal information is extremely important. This policy outlines what we do with your personal data, how we keep it secure, whom we share the information with and why, as well as your rights in relation to the data held about you. This policy applies if you interact with us through our office/s, over the phone, online, social media, mobile app/s or otherwise by using the website/s (‘our services’).
Who are we?
When we refer to 'us' or 'we' in this policy, we are referring to the legal entities which make up Group Urban LTD.
What sort of personal information do we hold?
Personal information that you provide to us such as, your name, address, date of birth, telephone number/s, email address, next of kin, qualifications, financials, medial history as well as any feedback you give us, including phone, email, post, mobile apps, or when you communicate via any social media platforms.
Information about the services that we provide to you (including for example, the work we have provided to you, when, where and who, pay details, and so on).
Information required to decide about your request for work (for example, compatibility, availability & suitability) such as the personal data supplied with medical history, qualifications, right to work and so on.
Access to your personal profile (URBAN STAFF PORTAL) with updates and amendments.
Information about whether you have chosen to receive the monthly GROUP URBAN LTD Newsletter or other communicative social media postings.
Analytical information about any device you have used to access ‘our services’ and how you used them (such as browser or IP address) for example, we try to identify which of our apps you use and when and how you use them. If you use our website/s, we try to identify when and how you use those website/s too.
Your contact details and details of other electronic communications you receive from us, including whether that email has been opened and if you have clicked on any of the links within the communication.
Information from other sources such as specialist companies that provide specific information which may be required for legitimate and relevant purposes (such as licence checks with DVLA) as well as information which is publicly available.
Why do we ask for Personal Data and how do we use it?
For GROUP URBAN LTD to comply with Industry specific Health & Safety requirements and compliances, we will have to obtain personal data (information relating to an identified or identifiable natural person) from you. This procedure is done during registration using our unique online portal. You will be required to complete and submit a registration/personal profile which is unique to you. At this stage, we would require your consent to use and store the information you have willingly provided to us to assess suitability and compatibility to work within the Traffic Management Industry. Also, if in agreement, your consent to use your personal data to receive industry specific news/updates from GROUP URBAN LTD. Your safety and the safety of other is paramount and as such this process is vital.
Whenever we process your personal information we must have something called “a legal basis” for what we do. The grounds for lawful processing of data are;
Consent: the individual has given clear consent for you to process their personal data for a specific purpose
Contract: the processing is necessary for a contract you have with the individual or because they have asked you to take specific steps before entering into a contract
Legal obligation: the processing is necessary for you to comply with the law
Vital interests: the processing is necessary to protect someone’s life
Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law
Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
To provide our service – we need specific information from you to make our service available to you. If you do not provide this information to us or consent to us using and sharing where relevant, then we will be unable to engage with you and provide you with the service we offer. The information we request is specific to the service we offer and is only used for its intended purpose. Information will be shared with third parties as necessary to fulfil the service.
Sharing personal information – we will only share your personal information in response to requests which do not override your privacy interests. (We will only share personal information with e.g. customers, suppliers, partners who have a legitimate interest in your personal information).
Contracts – to carry out our obligations arising from any contracts entered by you and us.
Orders – process orders submitted by you.
Verification – verify your identification.
Contacting you – we use personal data to contact you (via various mediums, for example telephone, email, social media) with relevant information and details required to fulfil the requirements of the service we offer when you engage with us. This is necessary to complete the service we provide. With your permission, we would like to contact you with Industry specific updates and topical information using various mediums which we feel is beneficial and relevant to you. You will be asked to ‘opt in’ to this service at time of registration or you can contact us any time thereafter to ‘opt in’. You will also have the option to ‘opt out’ if you change your mind and do not wish to receive these updates, you can do this by clicking the ‘unsubscribe’ button. These can be clearly found at the end of each article.
Analytics and profiling – we sometimes use your personal data for statistical analysis and to help us understand more about you. This helps us to produce a better service and find ways to improve.
Notifications – we will notify you of changes updates and improvements to our services.
You have several rights under the GDPR legislation which, in certain circumstances, you may be able to exercise in relation to the personal data we process about you.
Right of access –to request access to your personal information and information about how we process it
Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.
Right to restriction of processing – to restrict processing of your personal information
Right to data portability - to electronically move, copy or transfer your personal information in a standard form
Right to object - to object to processing of your personal information
For more information on Data Subject Rights go to www.ico.org.uk
If you are seeking to exercise any of these rights, please contact us using the details in the “Contact Us” section below. Please note that we will need to verify your identity before we can fulfil any of your rights under data protection law. This helps us to protect the personal information belonging to you against fraudulent requests.
Automated decision making and profiling
We use automated decision making, including profiling, in certain circumstances, such as when it is in our legitimate interests to do so, or where we have a right to do so because it is necessary for us to enter into, and perform, a contract with you. We use profiling to enable us to give you the best service possible.
How long will we keep your personal information for?
We take protecting your personal information very seriously and are continually developing our security system and processes. Some of the controls we have in place are;
Limited and restricted physical access to our buildings and offices
User access to our systems to only those that we believe are entitled, with legitimate reason, to be there
We use technology controls for our systems, such as firewalls, user verification, personal identity verification, password complexity, data encryption, and so on.
We utilize “good practice” standards to support the maintenance of a robust information security management system
We enforce a “hierarchy” policy, for access to any data or systems.
Where do we store our data?
Data is stored in a SECURE cloud-based system which is GDPR compliant
Locked, secure filing cabinet
Locked, secure vaults and safes.
If you would like to exercise one of your rights as set out in the “Your rights” or “Automated decision making and profiling” sections above, or you have a question or a complaint about this policy, or the way your personal information is processed, please contact us as follows;
In writing to; Data Protection Officer GROUP URBAN LTD, 3a willow grove, Chislehurst, Kent, BR7 5BN
You also have the right to lodge a complaint with the UK regulator, the Information Commissioner’s Office (ICO). Go to ico.org.uk/concerns to find out more information.