Issue Date: 10/01/2018
Visitors to RED’s Website
RED Scientific (RED) uses a third party service to host its website www.red-scientific.co.uk. Additionally, RED uses Google Analytics to collect standard internet log information and details of visitor behaviour patterns. This is used to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. RED does not make, and does not allow Google to make, any attempt to find out the identities of those visiting the website.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies used on the RED website and why:
|Universal Analytics (Google)||_ga||These cookies are used to collect information about how visitors use RED’s website. The information is used to compile reports and to help improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
More information about Google Analytics cookies can be found here.
|Hosting||DYNSRV||DYNSRV is used by RED’s hosting provider to help manage website traffic.|
Callers to RED’s Offices
RED does not use an automated system. However, all calls are routed via a single operator who will seek identity information as part of the call-routing function. Information requested will include, but not limited to, the following:
- Employing Company
- Person being contacted
- Reason for the call
- Contact details of caller if person being contacted is unavailable
RED does not retain any information once it has reached the person being contacted.
People who Email RED
RED operates and maintains its own internal network. All emails sent to RED are held within its own Mail Server. Any email, including attachments, sent to RED may be monitored for reasons of security and for monitoring compliance with RED internal security policy. Email blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Associate Applicants, Current and Former RED Employees and Security Clearance Information
When individuals register to join RED’s Associate network, the information supplied, typically in the form of a full CV, will only be used to search, identify and bid for relevant contractual opportunities that are visible to RED via its various routes to market.
Associates will be actively involved in any bidding process that they are linked to and will have full control over what personal information is provided in any bid submission.
Associates have the right to amend personal data held by RED or have it removed whenever they want. Requests to amend data may need to be supported by evidence i.e. proof of academic qualifications, residential address. When requests are made to have personal data removed RED will retain pseudonymised information about the individual, indicating date information was received, what processing was undertaken, where it was stored and when it was deleted for GDPR accountability purposes.
When working with RED, Associates will have a file relating to their registration, employment and use. This information will be kept secure and will only be used for the purposes directly relevant to that individual’s registration, employment or use. Once the Associate ceases to be registered for whatever reason, RED will retain the file in accordance with the requirements of the retention policy and any other associated legal requirements and then delete it on completion. Where retention relates to information regarding financial payments requested by/made to the Associate, then retention will be in line with HMRC requirements, which is currently 7 years. Where retention relates to legal contracts and Purchase Orders between RED and the Associate, then retention will be in line with Law Society guidelines for England which is currently 10 years.
When individuals apply for an employed post, RED will only use the information supplied to process the application. Where RED may wish to disclose information to a third party (i.e. for a reference or security check) the individual will be informed beforehand.
Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed. It will then be destroyed or deleted. RED will retain pseudonymised information about the individual, indicating date information was received, what processing was undertaken, where it was stored and when it was deleted.
During employment with RED, individuals will have a file relating to their employment. This information will be kept secure and will only be used for the purposes directly relevant to that individual’s employment. Once employment has ended, RED will retain the file in accordance with the requirements of the retention policy and any other associated legal requirements and then delete it on completion. The retention period is currently 7 years for financial information and 10 years for contracts.
RED Security Clearance Information
RED undertakes classified work for UK Government and as such employees and many Associates need to hold a Security Clearance. Where a Security Clearance is sponsored/held by RED additional personal information for that individual will also need to be held. When individuals cease to be employed or Associates choose to leave RED’s Associate network then RED will either cancel the clearance or transfer it to a new sponsor. The information relating to RED having held the clearance and any supporting personal data currently has a retention period of 7 years.
Access to Personal Information
RED will be as open as possible regarding staff and associates having access to their personal information. Individuals can find out if RED holds any personal information by making a ‘subject access request’ under the GDPR. If information is held on the requesting individual RED will:
- give a description of it;
- explain why RED is holding it;
- advise who it has been disclosed to; and
- provide a copy of the information in an intelligible form.
To make a ‘subject access request’ to RED for any personal information that may be held you will need to put the request in writing emailing it to REDs Operations Department, or writing to the address provided in Section 8.
If agreeable, RED will try to deal with any request informally, for example by providing you with the specific information you need over the telephone.
If RED does hold personal information, you can request to have it corrected any mistakes by, once again, contacting the Operations Department.
Complaints and Queries
RED tries to meet the highest standards when collecting and using personal information. For this reason, RED takes any complaint received about this very seriously. RED encourages people to highlight if they think that the collection or use of personal information is unfair, misleading or inappropriate. Any suggestions are welcomed that may lead to improving procedures.
This privacy notice was drafted with accuracy, brevity and clarity in mind. It does not provide exhaustive detail of all aspects of RED’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
Changes to this Notice
RED keeps its privacy notice under regular review. This privacy notice was last updated on the date shown at the top of this notice.
email@example.com (Subject: GDPR Request)
Alternatively, you can write to:
RED Scientific Ltd
1 Oriel Court