Vertas Group Privacy Notice
This Privacy Notice covers all subsidiary companies of Vertas Group Limited, including Diamond View, Vertas Environmental, Oakpark Security Services, Schools Choice, Snackpax, IEM, Verse, and Vertas Ipswich.
Vertas Group Limited processes personal data to successfully carry out its business functions. Vertas Group is committed to being transparent about how it collects and uses personal data and to meeting its obligations under the Data Protection Act 2018.
Who We Are
Under Data Protection legislation, Vertas Group Limited is a data controller. The company contact details are as follows:
Our Data Protection Officer
The company’s data protection officer is:
Kate Innes, Head of HR. Email: GroupHR@Vertas.co.uk, FAO: DPO
Information we may collect and hold:
The company collects and processes a range of information to support the functions of all business activity. This includes:
- Information provided by filling in forms on www.vertas.co.uk (website). This includes information provided at the rime of registering to use this website, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with this Website.
- If you contact us for any business reason we may keep a record of your personal details you provide and any correspondence.
- If you engage in business activity we will hold personal information relevant to the contract.
- We may also use your details in order to complete client or employee satisfaction surveys which is used for business feedback and continuous improvement purposes. Although you do not have to respond to the survey.
- In some cases, we may collect personal data about you from third parties, such as references supplied by former employers, information from employment background check providers, financial regulated authorities and credit checks, information from criminal records checks permitted by law.
If you are an Employee of Vertas Group Liimited please refer to our separate Employee Privacy Notice accessible on our Intranet and provided in your New Starter Pack.
Where we store your personal data
All information you provide to us is stored on our secure servers. Data will be stored in a range of different places on our servers, including Client Management system, Finance System, HR & Payroll System, server folders and other IT systems (including the company’s email systems).
The company has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
Where the company engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
Where we have given you (or where you have chosen) a password which enables you to access our systems or Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Once we are in receipt of your data we will use strict procedures and security features to prevent unauthorised access.
Why We Collect and Use This Information
- To provide you with information, products, or services that you request from us or which we may feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To notify you about changes to our services.
The company needs to process data to enter into a contract with you and to meet its obligations under the contract. In some cases, the company needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check an employee’s entitlement to work in the UK, to deduct tax, to comply with health and safety laws.
Who has access to data?
Your information may be shared internally, including with team members within Business Development, Communications and Marketing, HR and Recruitment (including payroll), Regional and service management, and IT staff if access to the data is necessary for performance of their roles.
There are times where the company may share your data with third parties in order to obtain pre-employment references from other employers, obtain financial checks, obtain employment background checks from third-party providers and obtain necessary criminal records checks from the Disclosure and Barring Service and SIA vetting.
The company also shares your data with third parties that process data on its behalf, in connection with employee absence, HR & Payroll, the provision of benefits, the provision of pensions and other benefits, the provision of insurance.
The company will not transfer your data to countries outside the European Economic Area. We do acknowledge that our website can be accessed by countries outside of the European Economic Area.
For how long does Vertas Group keep data?
The company will hold your personal data for the duration of a contract agreement or until you request for your data to be removed.
- Client contracts are retained for the duration of the contract and should the contract be terminated the contract will be retained and then destroyed after six months.
- Client invoices are kept electronically and are retained for seven years for HMRC purposes.
- Customer balances are assessed at the start of each financial year and those customers whom Vertas has not traded with for the last 12 months, all details except
the name of the company (which we cannot remove from the system) will be deleted including phone number and email address.
- Any customer with a legal action claim against them and an outstanding balance payable, Vertas will keep the correspondence until the debt has been resolved.
Once full payment is received, the letters will be deleted from the finance server.
Requesting Access to Your Personal Data
As a data subject, you have many rights. You can:
- access and obtain a copy of your data on request;
- require the company to change incorrect or incomplete data;
- require the company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
- object to the processing of your data where the company is relying on its legitimate interests as the legal ground for processing.
If you would like to exercise any of these rights, please contact GroupHR@vertas.co.uk, FAO DPO.
If you have a concern about the way we are collecting or using your personal data, we ask that you
raise your concern with us in the first instance. Alternatively, you can contact the Information
Commissioner’s Office at https://ico.org.uk/concerns/
What if you do not provide Personal Data?
You have some obligations under a contract to provide the company with data. If you do not provide
certain information it may prevent the company’s ability to administer the rights and obligations
arising because of the contract relationship effectively.
If you would like to discuss anything in this privacy notice, please contact our DPO at
GroupHR@Vertas.co.uk, FAO: DPO.