Your rights, your information and how we use it:
The U&M Group Construction (The Company) is committed to protecting your personal information. Our Privacy Policy contains important information about what personal details we collect, what we do with that information, who we may share it with and why, and your choices and rights when it comes to the personal information you have given us. From time to time, we may need to make changes to our Privacy Policy, so please check our website for updates. If there are important changes such as changes to where or how your personal data will be processed, we will contact you to let you know. Please read the following carefully to understand our views and practices regarding your personal data and how we will use it.
For the purpose of the Data Protection Act 1998, the Data Controller is Underpin and Makegood (Contracting) Ltd, Units 1&2 Franklin House, Crown Road, Enfield EN1 1FE.
This version of our Privacy Policy was last updated on May 2018.
Who we are:
We are a construction company specialising in underpinning, piling, new foundation systems, structural repairs, general building, insured peril restoration and scaffolding.
How to contact us:
If you have any questions about our Privacy Policy or the information we collect or use about you, please email the Managing Director at [email protected]
Information we collect and use:
- Information about you that we collect and use includes:
- Information about who you are e.g. your name, date of birth and contact details
- Information connected to your enquiry
- Information about your contact with us e.g. meetings, phone calls, emails/letters
- Information that is automatically collected e.g. via cookies when you visit our website
- Information if you visit our premises e.g. visual images collected via closed-circuit television
- Information classified as “sensitive” personal information e.g. relating to your health, marital or civil partnership status, bank account, next of kin etc. This information will only be collected and used where it is needed to provide the service you have requested, in an emergency or to comply with our legal obligations.
Where we collect your information:
We may collect your personal information directly from you, from a variety of sources, including:
- phone conversations with us (telephone conversations are recorded for training and monitoring purposes)
- text messages
- emails or letters you send to us
- online services such as websites and social media
What we collect and use your information for:
We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only where:
- you have given us your permission to send you information about services offered by us.
- it’s necessary to provide the service you have requested
- it’s necessary for us to meet our legal or regulatory obligations e.g. to tell you about changes to any Terms and Conditions
- it’s in the legitimate interests of The Company e.g. to deliver appropriate information and guidance where we need to process your information to better understand you and your needs so we can send you more relevant communications about the services we provide;
- it’s in the legitimate interests of a third party e.g. sharing information with staff, operatives, sub-contractors and suppliers
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products and services.
Who we may share your information with:
We may share your information with third parties for the reasons outlined in ‘What we collect and use your information for.’
These third parties include:
- Our staff
- Our operatives
- Our suppliers
- Our sub-contract supply chain
- Our regulators and Supervisory Authority e.g. the Charities Commission, the Information Commissioner’s Office for the UK (the ICO)
- HM Revenue & Customs (HMRC) e.g. taxation, PAYE etc
We will never sell your details to someone else. Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.
Where your information is processed:
- Your information is processed in the UK and European Economic Area (EEA).
How we protect your information:
- We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected recorded or used in any way, whether on paper, online, electronic or any other media, will have appropriate safeguards applied in line with our data protection obligations.
- Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake regular training on this.
- Our security controls are aligned to industry standards and good practice; providing a controlled environment that effectively manages risks to the confidentiality, integrity and availability of your information.
How long we keep your information:
- We will keep your personal information where it is necessary to provide you with our services.
- We may also keep your information after this period but only where required to meet our legal or regulatory obligations. The length of time we keep your information for these purposes will vary depending on the obligations we need to meet. (e.g. for the guarantee or accounting purposes).
Your individual rights:
You have several rights in relation to how The Company uses your information. They are:
Right to be informed:
You have a right to receive clear and easy to understand information on what personal information we have, why and who we share it with – we do this in our Privacy Policy and privacy notices.
The right of access:
You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR).
Right to request that your personal information be rectified:
If your personal information is inaccurate or incomplete, you can request that it is corrected.
Right to request deletion:
You can ask for your information to be deleted or removed if there is not a compelling reason for The Company to continue to have it.
Right to restrict processing:
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.
Right to data portability:
You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, referencing etc.
Right to object:
You can object to The Company processing your personal information where it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); and if we were using it for scientific/historical research and statistics.
Rights related to automatic decision making including profiling
You have the right to ask The Company to:
- give you information about its processing of your personal information
- request human intervention or challenge a decision where processing is done solely by automated processes
- carry out regular checks to make sure that our automated decision making and profiling processes are working as they should.
How to make a complaint:
We will always strive to collect, use and safeguard your personal information in line with data protection policy and laws. If you do not believe we have handled your information as set out in our Privacy Policy, please contact our Managing Director as above.
If you are still unhappy, you can complain to our Supervisory Authority. Their contact details are www.ico.org.uk