Dispute Resolver Consultancy is committed to protecting and respecting the personal data that we hold. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves and by others.
Personal data is any information relating to an identified or identifiable living person. When collecting and using personal data, our policy is to be transparent about why and how we process personal data. The personal data that is provided to us is provided either directly from the individual concerned, from a third party acting on behalf of, or connected to, an individual, or from publicly available sources (such as internet searches, and Companies House).
DISPUTE RESOLVER CONSULTANCY is defined as a Data Controller under the Data Protection Act 2018 and is registered with the Information Commissioner’s Office (ICO) under xxxx. DISPUTE RESOLVER CONSULTANCY only collects or uses personal information for those purposes indicated in our notification with the Information Commissioner’s Office.
Data that we hold
DISPUTE RESOLVER CONSULTANCY processes personal data for numerous purposes:
The personal data that we process may include any relevant financial or non-financial information necessary for us to provide our services. As an example, this may include contact details, payroll data, employee information, lists of shareholders, customers and suppliers and any other specifically relevant data.
The data that is processed is dependent on the service that is being provided and on the recipient of this service. In some instances, where this is relevant to the service that we are providing, this may include sensitive data special category data such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, health, sex life or criminal record.
We take the security of all the data we hold seriously. Staff are trained on data protection, confidentiality and security, and we maintain a culture of confidentiality.
We have a framework of policies and procedures which ensure that we keep the data we hold secure.
All data is stored on our secure servers and we have put in place appropriate internal security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to the duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach as required by law.
We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully.
We retain the personal data processed by us for as long as is considered necessary for the purpose(s) for which it was collected (including as required by applicable law or regulation).
In determining the appropriate period for the retention of personal data we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve these purposes through other means and the applicable legal requirements.
Information sharing and disclosure
DISPUTE RESOLVER CONSULTANCY will not sell or swap your information with any third party.
We may share your information with our data processors. These are trusted third party organisations that provide applications/functionality, data processing or IT services to us. We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud-based software, identity management, website hosting and management, data analysis, data back-up, security and storage services.
In addition, we may share personal data with individual members of our mediator, adjudicator, consultant and trainer panels where this is a necessary aspect of our service delivery.
All our trusted partners are required to comply with data protection laws and our high standards and are only allowed to process your information in strict compliance with our instructions. We will always make sure appropriate contracts and controls are in place and we regularly monitor all our partners to ensure their compliance.
We may disclose your personal information to third parties if we are required to do so through a legal obligation (for example to the police or a government body); to enable us to enforce or apply our terms and conditions or rights under an agreement; or to protect us, for example, in the case of suspected fraud or defamation.
We do not share your information for any other purposes.
The GDPR and Data Protection Act 2018 provide you with a number of rights. Your key rights are set out below. Further information may be obtained from the Information Commissioner’s Office.
The ICO’s address is: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. You can also contact them by telephone on 01625 545 745 or via their website at ico.org.uk.
If you wish to review, verify, correct or request the erasure of your personal data, object to the processing of your personal data, withdraw your consent to the processing of your personal data or request that we transfer a copy of your personal data to a third party please contact us via our contact form.
We will respond to your request as soon as we can. Generally, this will be within one calendar month from when we receive your request but on occasions, it may take longer to deal with your request and in such circumstances, we will let you know.
Changes to this Privacy Notice
Any changes we make to our Privacy Notice in the future will be posted on our website and where appropriate notified to you by email or otherwise.