How we use your Information…
This privacy statement tells you what to expect when The Environmental & Process Engineering Group Limited “TEPE Group“ collects your personal information. It applies to information we collect about:
- Visitors to our websites
- Complaints and feedback received
- Information required for commercial purposes and providing services to our Customers
- Information for the marketing of TEPE Group
- Job applicants and our current and former employees
TEPE Group acts as the main establishment and holding company for the following companies:
- Working Environments Ltd
- Maintaining Environments Ltd
- Protective Environments Ltd
- Poole Process Equipment Ltd
This privacy statement relates to all the companies mentioned above; these companies share data confidentially with each other for operational purposes.
Visitors to our Websites
When someone visits our websites, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor’s behaviour patterns. We do this to identify the number of visitors to the various parts of the website. This information is processed in a manner which does not identify anyone. We do not make, and do not allow Google to make any attempt to find out the identities of those visiting our websites. If we do wish to collect personally identifiable information through our websites, we will be transparent about this. We will make it clear when we collect personal information and will explain what we intend to use the information for.
Submission of your Information
We do not have the facility for you to submit any information from our websites. Any personal information will be collected directly from yourself via telephone or email correspondence only. Your information will only be used for the stated intended purpose and will not be shared outside of the TEPE Group without your express consent. Your consent to share your information will be sought at the time of you submitting your data.
Complaints and Feedback
Should you wish to make a complaint, our complaint procedure is available upon request. All information received during the course of a complaint is handled with the same level of security protection or need for privacy the same as any other information we may collect.
Information required for commercial purposes and providing services to our Customers
TEPE Group will use the information provided by yourself to provide our services and products to our Customers. This data is only used for its intended and stated purpose. This includes financial information for the production of invoices and receiving of payments for services provided.
Protecting your Information
In order to protect your information, we have in place the following methods of protection:
- Monitored firewall protection
- Malware protection on all platforms
- Encryption on data at rest and at point of use
- Ongoing backups
- Auditing for data integrity on an ongoing basis
TEPE Group have a backup policy in place. We retain backups for a maximum of one month. Upon receiving a request to remove data of a personal nature, this will be completed by removing all reference and data from the production environment. The full deletion of this data will be achieved after the retention period stated above has been reached.
Requests for your Information
We will respond to requests for the information we hold within the required 30-day period. Initial requests will not be charged. However, should more than two requests be made within a 3-month period, subsequent requests will be charged at £10 per request.
All information will be provided in the format of a PDF document.
TEPE Group collects information from various sources for marketing purposes. This information can be from social media forums, industry forums to name but a few. We retain this information for a period of no more than 18 months, or the duration of the marketing campaign only.
TEPE Group share information with the following external organisations for commercial purposes:
- Accreditation bodies
- Payroll provider
- Bank line
- External IT provider
The information is shared with organisations within the UK-EU. However, operationally TEPE Group operate worldwide; therefore, data can be accessed worldwide especially on portable devices. The exception to this criterion is the sharing of information with UK authorities for investigatory purposes as per current legislation on finance and personnel.
TEPE Group are aware sometimes information with regard to suppliers is personal in nature. This information is protected to the full extent as any other information within our environment. This information is not shared unless express permission is granted by the individual.
Job Applicants and our Current and Former Employees
When TEPE Group receives job applications we hold these in a secure manner. The application forms are deleted or, in the instance of hard copies, shredded after the selection process is complete. This information is not shared outside our organisation and is only shared internally with designated senior personnel. Where information of an applicant is to be retained for future use, only the contact information will be retained. Consent from the applicant will be sought prior to the retention of any personal contact information.
All personal information held by TEPE Group regarding current employees is managed and maintained in a secure manner, the same as any other information we hold. All employees have the right to view the data we hold on them at any time. A formal request is required to be made for this information via the Data Protection Officer, email address: email@example.com
All personal information held by TEPE Group on former employees is managed and maintained in a secure manner, the same as any other information we hold. Should a former employee wish to view the data we hold on them, the steps for requesting information (detailed above) will be followed. Information held on personnel is retained for a period no longer than three years after the cessation of employment, in line with current UK legislation. After this period of time all information regarding the former employee is deleted. If requested, a confirmation of this will be communicated to the individual.
Reporting of Data Breaches
TEPE Group report all major breaches of data we have control of and are responsible for, to the Information Commissioners Office, our Customers and/or suppliers. All potential data breaches are fully investigated in accordance with our Information Security Incident Policy, which the information is available on request.
When a data breach is detected, and the severity ascertained, this will be reported to the ICO within 72 hours.
Security and Protection
TEPE Group take the security of all information seriously. As such, our systems are audited and verified on an annual basis.
Data Protection Officer
To contact the Data Protection Officer please email: firstname.lastname@example.org
Signed: Lee Picking, Chief Executive
Date: 01 June 2018