Data Protection Policy Introduction
The Data Protection Act 1998 (the Act) regulates the way in which all personal data is held and processed. This is a statement of the data protection policy adopted by Blinc-UK Ltd. It applies to all Blinc-UK Ltd employees. In order to operate efficiently Blinc-UK Ltd needs to collect and use information about the people with whom we work. This includes current, past and prospective employees, reviewers, professional experts, stakeholders, delegates and others with whom we communicate. Blinc-UK Ltd regards the lawful and correct treatment of personal information as integral to our successful operation, and to maintaining the confidence of the people we work with. To this end we fully endorse and adhere to the principles of the Act. Blinc-UK Ltd is registered as a data controller on the register kept by the Information Commissioner (ICO).
The purpose of this policy is to ensure that everyone handing personal information at Blinc-UK Ltd is fully aware of the requirements of the Act and complies with data protection procedures and that data subjects are aware of their rights under the Act.
Scope: Information Covered by the Act
'Personal data' covered by the Act is essentially any recorded information which identifies a living individual. Personal data held by Blinc-UK Ltd will include contact information for a variety of stakeholders and other personal details.
Responsibility for Blinc-UK Ltd compliance with the Act
The directors of Blinc-UK Ltd have overall responsibility for compliance with the Act but individual members of staff are responsible for the proper use of the data they process.
The principles of the Act require that personal information must:
Be processed fairly and lawfully.
Not be used for a purpose for which it was not collected.
Be adequate, relevant and not excessive for the purpose.
Be accurate and up-to-date.
Not be kept longer than necessary.
Be processed in accordance with the data subject's rights.
Be kept secure and protected from unauthorised processing, loss or destruction.
Be transferred only to those countries outside the European Economic Area that provide adequate protection for personal information.
In order to meet the requirements of the principles Blinc-UK Ltd will:
Fully observe conditions regarding the fair collection and use of information.
Meet its legal obligations to specify the purposes for which information is used.
Collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements.
Ensure the quality of the information used.
Hold personal information on Blinc-UK Ltd systems for as long as is necessary for the relevant purpose, or as long as is set out in any relevant contract held with Blinc-UK Ltd’s Records Retention Schedule.
Ensure that the rights of people about whom information is held can be fully exercised under the Act (these include: the right to be informed that processing is being undertaken; the data subject's right of access to their personal information; the right to prevent processing in certain circumstances; the right to correct, rectify, block or erase information which is regarded as wrong information).
Take appropriate technical and organisational security measures to safeguard personal information and;
Ensure that personal information is not transferred outside of Blinc-UK Ltd without suitable safeguards.
Blinc-UK Ltd responsibilities for data protection and confidential information
Blinc-UK Ltd will ensure that there is someone with specific responsibility for data protection in the organisation. The nominated person is currently the Mr Darren Bignall and may be contacted at:
Mr Darren Bignall
Blinc Tenant Referencing, Unit B2 Smallmead House, Smallmead, Horley, Surrey, RH6 9LW
Blinc-UK Ltd will ensure that:
Everyone managing and handling personal information understands that they are responsible for following good data protection practice.
This policy is available to each member of staff.
Everyone managing and handling personal information is appropriately trained and supervised.
Queries about handling personal information are promptly and courteously dealt with and clear information is available to all staff.
Staff responsibilities for data protection and confidential information
All staff should be aware of the requirements of the Act and how the rules apply to them.
All staff must complete data protection induction and annual training.
All staff have a responsibility to ensure that they respect confidential information in their possession and maintain information security. Disclosure of confidential information gained as part of your employment to a third party, or assisting others in disclosure, will be viewed by Blinc-UK Ltd with the utmost seriousness.
All staff are responsible for ensuring personal information is kept no longer than is necessary.
For further advice, please contact Mr Darren Bignall.
Who do we share data with
In order to process your application we will supply some of your personal information to TransUnion International UK Limited, which is a credit reference agency providing services such as credit risk and affordability checking, fraud prevention, anti-money laundering, identity verification and tracing.
TransUnion will use your personal information to provide services to us and its other clients. We use their services in order to assess your creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity such as fraud and money laundering. More information about TransUnion and the ways in which it uses and shares personal information can be found in its privacy notice at https://www.transunion.co.uk/legal-information/bureau-privacy-notice
Lexis Nexis Risk Solutions
In order to process your application we will supply some of your personal information to Lexis Nexis Risk Solutions UK Ltd, which is a company providing services such as credit risk and affordability checking, fraud prevention, anti-money laundering, identity verification and tracing.
Lexis Nexis will use your personal information to provide services to us and its other clients. We use their services in order to assess your creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity such as fraud and money laundering. More information about Lexis Nexis and the ways in which it uses and shares personal information can be found in its privacy notice at https://risk.lexisnexis.co.uk/privacy-policy
Blinc-UK Ltd respects your privacy. The information that you provide us with, or that is gathered automatically, helps us to monitor our services and provide you with the most relevant information.
Privacy is very important to us.
We have appointed Mr Darren Bignall, Director, Blinc-UK Ltd as our Data Protection Officer (DPO).
If, in future, you want to know or have any queries regarding data protection or our policies, all you have to do is ask – just send an email to firstname.lastname@example.org we can help resolve your query. You also have a right to lodge a complaint with the ICO if you wish.
Subject Access Requests
Under the Act individuals have the right to access personal information Blinc-UK Ltd may hold about them. If you wish to request such information, please email email@example.com
Data Protection Complaints Procedure
Blinc-UK Ltd aims to comply fully with its obligations under the Act. If you have any questions or concerns regarding Blinc-UK Ltds 's management of personal data, including your right to access data about yourself, or if you feel Blinc-UK Ltd holds inaccurate information about you, please contact Mr Darren Bignall, (DPO) (details above). If you feel that your questions or concerns have not been dealt with adequately or that a subject access request you have made to Blinc-UK Ltd has not been fulfilled you can use Blinc-UK Ltd’s complaints procedure: If you are still dissatisfied, you have the right to contact the office of the Information Commissioner, the independent body overseeing compliance with the Act: http://ico.org.uk/.