Review by Anna Hopwood June 2023
Approved by the Board 11th Dec 2023
The General Protection Data Regulation (GDPR) is designed to keep our personal information safe. It makes it easier for people to discover what information organisations have on them and what they use it for. It also enables people to prevent unnecessary data collection.
Job complies with the GDPR.
Please see Proper Job’s Data Protection Policy for further information on how we comply with GDPA.
The information contained in this policy
1. Who are we?
2. What information do we collect?
3. How do we use personal information?
4. What legal basis do we have for processing your data
5. When do we share personal data?
6. Where do we store and process personal data?
7. How do we secure personal data?
8. How long do we keep your personal data for
9. Your rights in relation to personal data
10. How to contact us
Who we are?
Proper Job Resource Centre CIO including the shop “Uptown”
What information do we collect?
- employees and volunteers (on application forms, employment contracts, payroll set up forms) : name, signature, address, phone number, email, NI number, date of birth, bank details
- Supporters (on mailing list) : name, email address
- customers (when paying with a credt/debit card): card details, telephone numbers
- suppliers: name, address, phone number, bank details
- artists: name, signature, phone number, email
How do we use personal information?
- recruiting new staff
- entering necessary information onto our payroll software and online banking
- sharing employee phone numbers with other staff (with permission) so that they can get their shifts covered when necessary
- using a card terminal to take debit/credit card payments when the card holder
- contacting customers if they have asked us to put something aside
- contacting suppliers to make orders and payments for goods/services received
- contacting artists with regard to their exhibition, proof of personal insurance for their work
What legal basis do we have for processing your personal data?
- contract: employment contracts, HR records for staff and volunteers
- legal obligation: paying for goods/services, keeping records for the required
length of time
- consent: application forms, payroll set up forms, contact details for
employees/ suppliers, contact details for customers wanting credit and artists
wanting to exhibit their work
- Customers, suppliers and artists can withdraw their consent for Proper Job CIO to store their data at any time or ask that all their data be permanently deleted by contacting us by email or in writing.
When do we share personal data?
- Proper Job CIO will always treat your personal information confidentially and will only share your data with a reputable third party when we have to, in order to provide our services and conduct our business operations:
- we will share bank details with the Co-operative Bank when paying staff wages and for goods/services
- we will share names, addresses, NI numbers, date of birth with our payroll software providers
- we will share names, addresses, NI numbers, date of birth with our pensions provider
- we will share debit/credit card details with our merchant services provider when processing customer card transactions. We are always fully PCI compliant.
- we will share information regarding gift aid donations to HMRC.
We will never sell or share your personal data with any other third party
Where do we store and process personal data?
Data that is paper form is stored and processed securely at our office at Proper Job, Market fields, Crannafords ind park, Chagford, TQ13 8DR or Uptown TQ138AE.
Data in electronic form is stored and processed securely on our payroll software, on secure cloud storage and on our online co-op bank business banking account.
How do we secure personal data?
To protect against accidental loss, data is only stored and processed either in our office at Proper Job. Access to personal data is restricted at all times. Only trained employees have access to personal data.
How long do we keep your personal data for?
We only store personal data for the minimum legal requirement per data set.
When no longer required, data is destroyed on our premises using an electronic shredder.
Your rights in relation to personal data
Proper Job CIO respects your right to access and control your personal data:
- at any time you can ask to see what data we hold of yours
- you can request that we correct or delete your data
- if we hold data on condition of your consent, you can withdraw that consent
- if you request that we erase your data completely, we will do so immediately
- if you think that we are in breach of the GDPR you can lodge a complaint with the Information Commissioner’s Office (ICO) email@example.com
How to contact us?
If you have any questions or concerns about our privacy practices, how we store or process your personal information or if you wish to file a complaint, please contact us: