Privacy Policy

DATA PROTECTION POLICY

AVTEK Ltd manufactures and installs aluminium curtain walling solutions for a wide range of public and private sector clients. AVTEK Ltd is committed to meeting the requirements of the General Data Protection Regulations.

AVTEK Ltd is required to keep certain personal information, for example staff details, in order to fulfil its purpose and to meet its legal obligations. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully. To do this, the company must comply with the guidelines set out in the General Data Protection Regulations.

PRINCIPLES
Personal data shall: –

The company, and all staff who process or use personal information, must ensure that they follow these principles at all times. In order to ensure that this happens, the Company has developed this Data Protection Policy.

STATUS OF THE POLICY
This policy has been approved by the company and any breach will be taken seriously and may result in more formal action.

Any member of staff who considers that the policy has not been followed in respect of personal data about themselves should raise the matter with their line manager, or the company Data Controller, in the first instance.

NOTIFICATION OF DATA HELD AND PROCESSED
All staff are entitled to: –

RESPONSIBILITIES OF STAFF
All staff are responsible for: –

If, as part of their work responsibilities, staff collect information about other people (e.g. personal circumstances regarding members of staff in their department), they must comply with this Policy and with the Data Protection Guidance Notes.

DATA SECURITY
The need to ensure that data is kept securely means that precautions must be taken against physical loss or damage, and that both access and disclosure must be restricted. All staff are responsible for ensuring that:

Detailed advice on data security is contained in the Data Protection Guidance Notes.

RIGHTS TO ACCESS INFORMATION
Employees of the company have the right to access any personal data that is being kept about them, regardless of whether it is held on computer systems or is paper-based. Any person who wishes to exercise this right should make the request in writing to the company, using the standard form which is available from the company Data Controller.

AVTEK Ltd aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 40 days of receipt of a completed form, unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the individual making the request.

PUBLICATION OF COMPANY INFORMATION
Information that is already in the public domain is exempt from the regulations. This would include, for example, information on staff contained within externally circulated publications. Any individual who has good reason for wishing details in such publications to remain confidential should contact the company Data Controller.

SUBJECT CONSENT
The need to process data for normal purposes has been communicated to all staff. In some cases, if the data is sensitive – for example information about health, race or gender, etc. – express consent to process the data must be obtained. Processing of the data may be necessary in order to comply with other company policies, such as health and safety and equal opportunities.

RETENTION OF DATA
It is a requirement that the Company has to keep some forms of information for longer than others. The company has a Records Retention Schedule.

THE COMPANY’S DESIGNATED DATA CONTROLLER
The company is the data controller under the regulations and is therefore ultimately responsible for implementation. However, day to day matters will be dealt with by Administration. Any questions or concerns about the interpretation or operation of this policy should be taken up in the first instance with the company Data Controller.

This policy will be reviewed on an annual basis and is available to interested parties on request.

Avtek Solutions