Baily Garner (H&S) Ltd understands that everyone’s privacy is important and care about how personal data is used. We respect and value the privacy of everyone we interact with and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
‘We’ ‘our’ or ‘us’ in the context of this statement is Baily Garner (H&S) Ltd, a private limited company trading as a health and safety consultancy.
This Privacy Information explains how we collect, hold securely and use any personal data gathered in the course of our business. It also explains your rights under the law relating to your personal data.
Personal data is any information about you that enables you to be identified and covers information such as your name and contact details. The personal data that we use is set out in Part 5, below.
Under the GDPR, you have the following rights, which we will always work to uphold:
If you have any cause for complaint about our use of your personal data, and we do not resolve it to your satisfaction, you have the right to lodge a complaint with the Information Commissioner’s Office.
We may collect some or all of the following personal data which will vary according to your relationship with us:
You warrant that all information you provide to us is accurate and up-to-date.
We need this information to fulfill our obligations under service contracts or because you have consented to providing this information or because we have assessed that we have a legitimate interest in holding this data for the purpose that we need to use it. Your personal data may have been provided to us as processors of information under GDPR in which case, we will act in accordance with GDPR regulations and by direction of the third party organisations instructing us.
Under the GDPR, we must always have a lawful basis for using personal data. This will be:
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected, at which point we will delete it.
We may store your personal data in either electronic or hard copy form (or both)
We will only store your personal data within the UK or, if stored digitally by third parties, for back up, file transfer or storage purposes, on servers in the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.
The security of your personal data is a priority to us and to protect all our data, we conform to industry standard cyber and digital security standards which are independently verified on an annual basis.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service. Some of the cookies we use are essential for the site to operate.
Except for essential cookies, all cookies will expire after 23 days.
We will not share any of your personal data with any third parties for any purposes, other than we may be required to share certain personal data, with third parties in the course of meeting our obligations under contract (e.g. to provide your details to an authorised contractor performing remedial works that we are overseeing).
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
If you want to know what personal data we have about you, you can ask by emailing Practice Manager Emma Charter - email@example.com
All subject access requests should be made in writing and sent to the email or postal addresses shown below.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request as quickly as we are able and in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of progress.
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:
Email to firstname.lastname@example.org or in writing to 34 Lafone Street, London, SE1 2LX
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes. Any changes will be made available here.