Information & data collected:
You may provide us with information about you that you give us by corresponding with us by mail, phone, e-mail, uploading your CV or otherwise. The information you give us may include, but is not limited to, your name, address, e-mail address, phone number, financial and credit card information, photograph.
We collect information about you when you visit our website; subscribe to our newsletters and email updates; use our eLearning services; apply for employment with us and engage in business dealings with us. You are not obliged to provide us with your personal information. However, if you do not, we may not be able to carry out the services you have requested of us.
Use of personal information:
We process personal information in order to comply with legal obligations to which we are subject; to fulfil our role as an employer of employees and/or contractors; to perform the services you have requested of us or to take steps at your request prior to undertaking to provide services for you; because you have consented to our processing of your data, for example to inform you of changes to our services or to provide you with information about other services we offer.
We may collect, hold, use and disclose the information collected to:
• compile statistical data and to maintain our databases;
• fulfill a contract or where you have asked us to do something which is a pre-cursor to a contract (e.g. provide a quote).
• comply with legal obligations we might be subject to (such as anti-money laundering);
• to monitor and improve the quality of our services;
• to protect your health and safety while working for or on behalf of us
• manage systems administration;
• attend to compliance issues;
• determine suitability for employment;
• allow you to participate in eLearning training;
• respond to any email enquiries, including any queries relating to your personal data;
• provide you with information about other services we offer that are similar to those you have already requested of us or enquired about;
• notify you of any upcoming marketing, training or other events;
• provide you with publications;
• develop/ improve our website;
• for other marketing purposes
We will not use or disclose your personal information for any other purpose which is not related (or in the case of sensitive information, directly related) to the above purposes without your consent, unless otherwise authorised, required or permitted under the law.
We will only disclose personal information to other companies in the Cromar group of companies and to suppliers or advisors we engage to process data on our behalf or as otherwise required by applicable law or regulations.
We may disclose your personal information on a confidential basis to external service providers so that they can provide services such as financial, health care or administrative services in connection with the operation of our business; and to any person (where necessary) in connection with their services, such as, but not limited to, law enforcement, regulatory authorities, partners or advisors.
If we engage external service providers, we will take reasonable steps to ensure those entities comply with their obligations under GDPR when they handle your personal information. We will also ensure external service providers are only authorised to use personal information for the limited purposes specified in our agreement with them.
We may disclose your data in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
Our agents, contractors or partners are restricted from using your data in any way other than to provide services for Cromar, or services for the collaboration in which they and Cromar are engaged. Cromar requires that all such agents, contractors or partners enter into contractual guarantees to observe security and privacy obligations as least as stringent as those set forth in this privacy statement.
Cromar takes its data security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our data security measures and procedures regularly. Unfortunately, the transmission of information by means of the internet, including through e-mail, is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or from us by means of e-mail and any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.
We might store your information in different places. Physical files are stored in our office(s) and file storage facility. Electronic files are stored on our secure servers and in the cloud. Please refer to our Retention Policy in relation to the period that we retain your data for.
If required, for storage or processing purposes, we may need to transfer your personal data to a destination outside the European Economic Area (“EEA”). It may be processed by our staff operating outside the EEA who work for us or for one of our suppliers. We and our service providers will take all steps reasonably necessary to ensure that storage and processing of your data outside the EEA continues to comply with the provisions of the GDPR.
In addition to the policies and procedures we employ to safeguard your data, your personal data is protected by the GDPR. This provides, among other things, that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant, and not excessive. The information should be kept up to date, where necessary, and not retained for longer than is necessary. It should be kept securely to prevent unauthorised access by other people.
You have the right to request that we:
• inform you whether we process your data, provide you with details relating to our processing, and with a copy of your data;
• rectify any inaccurate data we might have about you without undue delay;
• complete any incomplete information about you;
• erase your personal data without undue delay,
• are restricted from processing your data;
• furnish you with the personal data which you provided to us in a structured, commonly used and machine-readable format
Where we process your data solely on the basis of your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of our processing before the withdrawal. You also have the right to lodge a complaint with the relevant Data Protection Authority at any time.
The exercise of your rights might be subject to certain conditions prescribed by law and we might require further information from you before we can respond to your request.
You may exercise your rights by contacting us at the addresses or e-mail address at the end of the privacy notice.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website and e-learning management system features may not function as a result.
Our Website may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy notices and we do not accept any responsibility or liability for these policies.
Any changes to this policy will be posted here.
Frederick Crowther and Sons Ltd
Armytage Road Industrial Estate