Your browser is out of date

This website has been built for modern browsers, yours is many years out of date and as a result, your experience of this website will be poor.

Please upgrade your browser and pop back.

Thanks.

Call us now on: 0208 249 1515

Privacy Policy

 

General Statement

COMXPS LTD may ask for some Personal Data from its staff, associates, clients or any other connected party. This ensures that we can provide services to the required level.

We take responsibility for looking after information seriously. COMXPS LTD comply with the law and good practice and follow the General Data Protection Regulation (GDPR) when asking for or handling your information.

This policy sets out our commitment to protecting Personal Data. If applicable, a copy of this statement is brought to the attention of all employees, volunteers or any other connected party. Data Protection training is provided to all permanent employees.

COMXPS LTD has an appointed Data Protection Office (DPO).

In summary, we will cover:

Personal Data

As defined by the GDPR; ‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The Personal Data processed by COMXPS LTD causes a real risk for individuals to be harmed following a data breach defined by the GDPR as a ‘breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.’ This policy, in conjunction with relevant company documents (including the Data Protection Procedure and Internal Data Protection Training Manual) aims to minimise risk to Data Subjects and establishes reporting and complaint procedures.

Details of the Personal Data processed by COMXPS LTD can be seen in our Information Audit. COMXPS LTD collects ‘sensitive’ Personal Data for example medical information, criminal record details, religion, race and gender.

Processing Personal Data

Processing Personal Data allows COMXPS LTD to provide services to the appropriate level. Personal Data is collected if there are one or more specific and lawful reasons. The Personal Data collected is relevant and kept to an absolute minimum to allow services to be adequately provided. Personal Data will be processed in a fair and transparent manner.

COMXPS LTD has established policies and procedures to ensure Personal Data is processed in a secure manner. This includes IT and physical environmental factors.

COMXPS LTD provides consultancy services and interim professionals to public, private and third sector Clients. We manage the full recruitment process, providing an exceptional, personal and bespoke service to both Clients and Associates alike. COMXPS LTD may ask for some Personal Data from its staff, associates, clients or any other connected party. This ensures that we can provide services to the required level. We may therefore collect or receive Personal Data which includes, but is not limited to;

The Personal Data may be collected from a variety of sources, including, but not limited to;

Storing Personal Data

The Personal Data may be stored and processed by all COMXPS LTD employees, who may need to ask for personal details from other staff, associates, clients, candidates or any other connected party. Employees are provided with training to ensure they understand the importance of protecting Personal Data, and to provide best practice guidelines. This includes, but is not limited to the following methods;

Consent

Data subjects will be asked for consent to process their Personal Data. The form/ level of this consent is different depending on the circumstance. No children are involved in the services provided by COMXPS LTD, so all individuals give own consent (unless otherwise agreed). Consent can be given in writing or orally.

Data subjects have the right to object to provide Personal Data. This may impact the services COMXPS LTD can perform. In some instances, Personal Data is mandatory.

Personal Data is shared only with COMXPS LTD employees and company representatives unless;

The Personal Data is provided with the intention to submit this information to client or third party. This may include, but is not limited to;

Data subjects have the right to delete or remove Personal Data and can withdraw consent at any point. On request all data is disposed of in a secure manner (unless COMXPS LTD have communicated why they are lawfully unable to do) and confirmation is sent to the data subject. Where possible, if Personal Data has been disclosure to third parties, it will be requested that the Personal Data is also deleted or removed.

The Rights of Data Subjects / Rights of Access

Data subjects have Rights of Access and COMXPS LTD will act in an open and transparent manner. COMXPS LTD will confirm that your data is being processed (including why and to whom if this is not evident).

On request, COMXPS LTD will also confirm what Personal Data we have processed, or are processing, the processor, how this is processed and why. Finally, how this Personal Data is used and who it is shared with. This information will be provided without delay and within a maximum of 1 calendar month (there is no fee, unless otherwise agreed).

To exercise your Right of Access, please contact our DPO to initiate the request.
Emily Wells; Emily.wells@comxps.com / 02082491515.

Exceptions

In some circumstances, COMXPS LTD will withhold information. This includes, but is not limited to:

External Processors

COMXPS LTD considers the data protection procedures of any other connected party and if necessary will request confirmation of GDPR compliance (if not evident in company contracts). This includes data processors or controllers.

COMXPS LTD takes responsibility for securing the transfer of, or communication of Personal Data. Comprehensive security measures are taken.

Retention of Data

COMXPS LTD take steps to ensure Personal Data is as accurate as possible and is kept up to date. Personal Data is not kept longer than necessary and is accounted for.

COMXPS LTD takes responsibility for securing the storage and management of Personal Data. Comprehensive security measures are taken.

The Personal Date will be kept for a suitable amount of time, based upon several factors including, but not limited to; the amount, sensitivity, purpose, and any legal obligations.

Enforcement

COMXPS LTD reviews data protection policies and procedures. This policy is implemented in line with other company policies including Data Protection Procedure and Internal Data Protection Training Guidance. COMXPS LTD employees are suitably trained and potential Personal Data breaches are investigated and reported without delay. COMXPS LTD take our responsibility for the protection of Personal Data seriously. Misconduct will be disciplined in line with our Disciplinary Action Policy.

COMXPS LTD have the right to amend or modify this Privacy Statement.

Any problems or queries please contact our DPO or ask for our company complaints procedure.
Emily Wells; Emily.wells@comxps.com / 02082491515

If COMXPS LTD are unable to settle your complaint, the Information Commissioner’s Office (ICO) can be contacted to make a complaint or ask for further advise;
ICO helpline; Telephone: 0303 123 1113

Should you have any questions regarding the above please contact COMXPS LTD.

Our dedicated team would be pleased to discuss in more detail how we may be able to help