How and what data we collect
PCAS Ltd collects data in the form of:
• Personnel and subcontractor details and competencies
o When you apply to work for or provide services to PCAS Ltd
o When you become an employee
o When you provide subcontractor services
• Client/Customer details
o Enquire regarding our products and Services
o Ask us to tender for work
o Buy or use our products and services
o Subscribe to newsletters or alerts from us
o Where your information is available publically
• Supplier details
o Are the supplier of products and services to PCAS Ltd
o When we have approached a supplier for a quote for work
• Visitors
o When you visit one of our worksites or business premises
• Emergency contact details for visitors and personnel whilst working for or on PCAS Ltd work sites
What we use it for
PCAS Ltd collect data for the purposes of running a professional and legitimate business, and to enable us to provide our customers with the products and services they have requested – the data we collect is used for:
• Recording of accurate information for employment and financial reporting purposes
• To verify competencies to work for or provide a service to PCAS Ltd
• To enable maintenance of company business relationships and increase its operational value
• To maintain our approved supplier database
• To ensure that we are able to provide a list of persons on site/on project sites in the event of an emergency.
• So in the event of an emergency, the project team are able to refer to emergency contact information quickly.
• We use data collected for Internal monitoring and review of management systems
• To make improvements to the products and services we offer to customers
How we store our data
PCAS Ltd store data in the following ways:
• Electronically on a company PC or Laptop
• On secure email servers
• Using Drop Box and Sage secure applications
• In paper form:
• At the project work site or at the company registered office address
• In files used for accountancy evidence
How we protect our data: To ensure the safety of the data we hold he will ensure that:
• PCAS Ltd PC’s and Laptops are password protected
• PCAS Ltd PC’s and Laptops are secured against malware, viruses and spyware using Microsoft protection applications
• Electronically stored data containing personally identifiable information is stored under files which are password protected
• Our PC’s and Laptops are backed up weekly to the cloud prevent loss of data
• Paper files are kept on the work site for the duration of the project, and on completion at the companies registered office address.
• Paper files relating to financial accountancy matters are kept at the companies registered office address.
• Work site and offices are always secured when unmanned.
• We always ensure that only authorised persons, who have a legitimate reason for access, are permitted to have access to personal data.
• We ensure that we dispose of personal data after its retention period in a responsible and irretrievable manner
How we share our data: When sharing data for business operations we will always:
• Use a secure email server to send and receive information
• Verify the recipients identity and confirm their reasons for requiring the data are legitimate
• Use Dropbox for securely sending large quantities of data
• We will discourage the use of sending personal data electronically where this is practical.
How we validate our data: When sharing data for business operations we will always:
Use a secure email server to send and receive information
Verify the recipients identity and confirm their reasons for requiring the data are legitimate
Use Dropbox for securely sending large quantities of data
Other Relevant Information
Other Authorities
We are bound by law to provide certain personal information with government authorities on their request. This may be entities such as HMRC, HSE, Customs and Excise, lawyers, Child Maintenance service etc. Pleavin Power will verify the source of any request made for personal information by any legal authority prior to subjecting any information.
We will also gain the consent of the persons where appropriate before providing data.
Website
PCAS Ltd do not collect data from visits to our website. Analysis is provided by the website host is available on request but only in the form of numbers of persons viewing. Unless the user completes an online contact form, in which case these details are expressly given.
Children
We do not employ, subcontract, nor store details of children, or under 18’s, or offer services to those requiring parental permissions for consent.
Data Processing
We do not process data other than for company internal compliance monitoring. We do not share data nor sell data for mailing lists.
Your Rights
• Rights to correct personal Data – Everyone has the right to have the information held about you corrected if it’s not accurate. To correct inaccurate data you will need to put this in writing directly to the Responsible Person/DPO
• Right to access personal data – Everyone has the right to request the personal data that PCAS Ltd holds for you. To make this request please put this in writing to the Responsible Person/DPO. We will respond to your request within 30 days of receipt of your request. We do not charge to provide this information.
• Right to object to or restrict the use of your personal data – Everyone has the right to object to or restrict PCAS Ltd processing your personal information. To notify us of your objection, or restriction please put this in writing to the responsible Person/DPO
• Right to erase your personal data – Everyone has the right to request the erasing of your personal data from PCAS Ltd information. To notify us of your request to erase, please put this in writing to the responsible Person/DPO
• Right to be informed- If your personal data is subject to unauthorised access, you will be informed to the extent and scope. The company will undertake a full investigation into the breach and as appropriate the ICO will be notified.
• Right not to be subject to automated decision-making including profiling – Automated decisions will not be made based on personal data, and will always be subject to human interaction.
• Right to portability – You have the right to take with you the personal data you have provided to us, this allows you to obtain and reuse personal data for your own purposes across different services.