How we use your information
- Visitors to our website
- People who use our services (our customers)
- Job applicants and our current and former employees
Visitors to our Website
A cookie is a file containing an identifier made up of letters and numbers. The cookie is sent by our web server to your web browser and is stored by your browser. The identifier is then sent back to our web server each time the browser requests a page from the server. Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie will remain valid until its set expiry date, unless deleted by the user before the expiry date. A session cookie will expire at the end of the user session, when the web browser is closed.
Our site uses Woocommerce which in turn uses a persistent cookie that contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies. We also use session cookies which expire when you close your browser session. Our cookies do not contain any information that can personally identify a user.
Our website is based on WordPress. WordPress uses a session cookie to improve the user experience when browsing the site and moving from page to page. This cookie will expire at the end of the user session, when the web browser is closed.
Controlling Cookies from within your Browser
These links explain how you can control cookies via your browser. But do bear in mind that if you turn off cookies in your browser, these settings apply to all websites not just this one. Your overall browsing experience might be adversely affected.
Internet Explorer: http://support.microsoft.com/kb/278835
Internet Explorer Mobile: http://www.microsoft.com/windowsphone/en-us/howto/wp7/web/changing-privacy-and-other-browser-settings.aspx)
Contact Us Web Form
We provide a Contact Us web form on our website. This allows visitors to the website to request that we contact them. The personal data that is collected is the visitor’s name, email address and business name. This data is logged and emailed to the appropriate Posib Limited staff.
If the visitor subsequently becomes a customer of Posib Limited that data is stored and retained, otherwise it is deleted.
Visitors to Our Premises
We do not have car parking facilities and our offices are housed in multi-use business premises with direct access to Mold High Street. The High Street is monitored by recording CCTV cameras that are under the control of Mold Town Council. Please contact the Council direct if you require further information: firstname.lastname@example.org
People Who Call Us
When you call Posib Limited’s telephone line we may record any message you leave on our automated answering system. We use this information to respond to your enquiry and delete that recording once a response has been made.
People Who Email Us
We use Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Our Customers and Users of our Services
Obviously, we must hold the details of our customers, their businesses and their staff. We need to do this so that we can provide them with support and to deliver our services.
We ask you for your personal details including name and contact details. We will also ask you about your previous experience and your education. We may ask for referees and we may require answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
Our hiring managers shortlist applications for interview. They will be provided with all of the information gathered at the Application Stage.
We might ask you to participate in assessment exercises; complete tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. This information is held by Posib Limited.
If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of six months. If you say yes, we would proactively contact you should any further suitable vacancies arise.
If we make an offer of employment we will ask you for further information, and we may carry out pre-employment checks. We seek to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
- Proof of your identity – you will be asked to attend our office with original documents, we will take copies
- Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies
- We may contact your referees, using the details you provide in your application, directly to obtain references
- Bank details – to process salary payments
- Emergency contact details – so we know who to contact in case you have an emergency at work
- Proof of citizenship of the United Kingdom or other proof of the right to work in the United Kingdom
Use of Data Processors
Data processors are third parties who provide services to Posib Limited. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Hill & Roberts
If you are employed by Posib Limited, relevant details about you will be provided to Hill & Roberts who provide accountancy services to Posib Limited. This will include your name, address, date of birth, National Insurance Number and salary. They do not have access to your bank details.
How long is the information retained?
Employee records are retained by us as part of each employee file for the duration of their employment plus 6 years following the end of their employment. This includes records of any security checks and references.
Job Applicant Information
If your employment application is unsuccessful the information you have provided will be retained for 6 months from the point at which you are unsuccessful.
Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months.
If you stop being a customer of Posib Limited we will retain your details for a period of 8 years following the cessation of the contract. If you choose to return as a customer during that period, our retention of your data will ease the process of re-instating you as a customer.
The Data Protection Act 2018 (DPA) updates data protection laws in the UK, and sits alongside the General Data Protection Regulation (GDPR) 2016 and can be viewed by following the link: http://www.legislation.gov.uk/ukpga/2018/12/contents/enacted
The GDPR introduced a number of new requirements, including changes to privacy notices, consent and requests to view personal data. The Privacy and Electronic Communications Regulations (PECR) 2003 sit alongside the Data Protection Act and the GDPR. They give people specific privacy rights in relation to electronic communications.
There are specific rules on:
- marketing calls, emails, texts and faxes;
- cookies (and similar technologies);
- keeping communications services secure; and
- customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
The GDPR does not replace PECR, although it changes the underlying definition of consent. Existing PECR rules continue to apply, but using the new GDPR standard of consent.
Posib Limited has a responsibility under the DPA to hold, obtain, record, use and store all personal data relating to an identifiable individual in a secure and confidential manner.
The DPA governs the handling of personal information that identifies living individuals directly or indirectly and covers both manual and computerised information. It provides a mechanism by which individuals about whom data is held (the “data subjects”) can have a certain amount of control over the way in which it is handled.
Posib Limited is committed to ensuring that personal information is handled in a secure and confidential manner in accordance with its obligations under the DPA and professional guidelines. Posib Limited will use all appropriate and necessary means at its disposal to comply with the DPA and associated guidance.
Under the General Data Protection Regulation (EU 2016/679) (GDPR), you have rights as an individual which you can exercise in relation to the information we hold about you.
The GDPR provides the following rights for individuals:
- the right to be informed
- the right of access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object
- rights in relation to automated decision making and profiling
You can read more about these rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Complaints or Queries
Posib Limited tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of the collection and use of personal information by Posib Limited. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
Access to Personal Information
Posib Limited tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any of their personally identifiable information by making a subject access request under the General Data Protection Regulation (EU 2016/679) (GDPR). If we do hold information about you we will:
- Respond within 30 days
- Tell you what it is
- Tell you why we are holding it
- Tell you who it is shared with
- Let you have a copy of the information in an intelligible form
To make a request to Posib Limited for any personal information we may hold you need to put the request in writing to the address provided below.
If we do hold information about you, you can ask us to correct any mistakes there may be in the data.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 25 May 2018.
How to contact us
You can write to us at:
St Mary’s Chambers
87 High Street
You can email us at: email@example.com