|Company Name:||1 Stop Rec Ltd (‘the Company’)|
|Company Contact details:||Irma Stevens – Data Protection Officer|
|Document DP5A||Privacy Notice (when personal data is obtained directly from the data subject)|
|Date:||25th May 2018|
1 Stop Rec Limited is a company of t/a DBS Solutions is committed to safeguarding privacy for everyone. We understand that providing personal and sensitive information is an act of trust and we treat your information with respect and integrity.
Parties and interpretation
“We”, “Us” or “Our” means 1 Stop Rec Ltd, t/a DBS Solutions, incorporated and registered in England and Wales under company number 06620231, with our Registered Office at 30 Milton Road, Westcliff on Sea, Essex, SS07JX
“you” or “your” means a user of the Service provided by us.
“Service” or “Services” means any of the Services offered by us.
“site(s)” means www.dbscheck.org
Data Protection Responsible Officer details
For the General Data Protection Regulation 2016 (GDPR) and associated legislation and regulations, the data controller is 1 Stop Rec Limited trading as DBS Solutions. Our Data Protection Manager is Irma Stevens who can be contacted at [email protected]
Scope – What does this Policy cover?
We may collect and process the following data about you:
Information you give us:
You may give us information about you by filling in forms on our sites or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our Services, sign up for any regular information services, undertake a check and when you report a problem with our sites or otherwise contact us. The information you give us may include your name, addresses, email address and phone number, date of birth, marital status, financial and credit card information, your gender, your nationality and mother’s maiden name.
You may, also, provide us with more additional personal information containing passport and driving licence information, address history and National Insurance number.
Information we collect about you:
Each time you use our Service, we may automatically collect the following information:
- Technical information, including the Internet Protocol (IP) address used to connect information about your visit, including the full Uniform Resource Locators (URL), your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- Information about your visit, including the full Uniform Resource Locations (URL) clickstream to, through and from our sites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), and methods used to browse away from the page and any phone number used to call our customer service number.
Information we receive from other sources
We may receive information about you if you use a Service. We, or an affiliate or group member operate. We will inform you when we collect that data, that it may be shared internally and combined with data collected by us. We are also working closely with third parties (including, for example, business partners, subcontractors in technical payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
Uses made of the Information
All personal data is stored securely in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR). For more details on security see section below.
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
- You have given consent to the processing of your personal data for one or more specific purposes;
- Processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
- Processing is necessary for compliance with a legal obligation to which we are subject;
- Processing is necessary to protect the vital interests of you or of another natural person;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
- Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
We use your data in the following ways to provide the best possible services to you Information you give to us, we will use this information:
- To provide and manage your account;
- To provide and manage your access to our site;
- To personalise and tailor your experience on our site;
- To carry out the checks when using our Services. We will use the information provided as part of the checks in accordance with the e-consent forms;
- To carry out system testing and system checking;
To notify you about changes to our Service;
- If appropriate to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- If you have given us your consent, to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we may contact you by electronic means (e-mail or SMS) or in writing with information about goods and services similar to those of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data;
- To carry out our obligations arising from any contracts entered into between you and Us and to provide you with the information, products and services that you request from us; and
- To ensure that content from our service is provided in the most effective manner for you and other users.
Information we collect about you
We will use this information:
- To administer our service and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve our service to ensure that content is presented in the most effective manner for you;
- To allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our Services safe and secure;
- To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- To make suggestions and recommendations to you and other users of our Services about goods or services that may interest you or them.
Information we receive from other sources
- We may combine this information which you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive and the services that we are providing).
In some cases, the collection of data may be a statutory or contractual requirement, and We will be limited in the services We can provide you without your consent for us to be able to use such data.
Disclosure of your information
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may share your information with selected third parties including:
- Where you have applied for a check in accordance with the e-consent form that you have or will be required to complete;
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.
We currently contract with:
- Identity checking and Adverse Credit checks;
- Analytics and other consultants that assist us in the improvement and optimisation of our service;
- If we sell or buy or assets, in which case we will not disclose your personal data to the prospective seller or buyer of such business or assets;
- If we sell 1 Stop Rec Ltd t/a DBS Solutions or substantially all of its assets in which case personal data held by us about its customers will be one of the transferred assets;
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms; or to protect the rights, property, or safety of 1 Stop Rec Limited t/a DBS Solutions, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
- We may compile statistics about the usage site including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.
- In certain circumstances, we may be legally required to share certain data held by us, which may include your personal information, for example, where we are involved in legal proceedings, where We are complying with the requirements of legislation, a court order, or a governmental authority. We do not require any further consent from you in order to share your data in such circumstances and will comply as required with any legally binding request that is made of Us.
We do not sell, trade or rent any personal information to others. We may use third party service providers to help us operate our business and this site or administer activities on our behalf, such as newsletters or surveys. We may share your information with these third parties for those limited purposes.
Data Transfer and Storage
We only keep your data for as long as we need to in order to use it as described above, and/or for as long as we have your permission to keep it. We will conduct regular reviews to ascertain whether we need to keep your data. Your data will be deleted if we no longer need it in accordance with the terms of our Data Retention Policy.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial controls to safeguard and secure data collected through our site.
Steps We take to secure and protect your data include:
How we protect your data:
- We adopt appropriate data collection, storage and processing practices and security measures to protect against un-authorised access, alternation and disclosure or destruction of your personal information, username, password, transactions information and data stored on our UK sites. We secure all our pages via a strong SSL. Personal data is encrypted at rest.
- Notwithstanding the security measures that We take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting data to us via the internet.
If we do store or transfer data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under the GDPR. Such steps may include, but not be limited to, the use of legally binding contractual terms between us and any third parties we engage and use the EU-approved
Model Contractual Arrangements. Data security is of great importance to us, and to protect your data. We have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through Our Site.
All information you provide to us is stored on our secure servers or on secure servers operated by a third party. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Back Up Policy
We use AES 256 bit encryption for all personal data to ensure that it remains safe and secure. We conduct periodic backups everyday.
Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting data to us via the internet.
When you submit information via our site, you may be given options to restrict our use of your data. We aim to give you strong controls on our use of your data (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details and/or by managing your Account).
You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise this right at any time by contacting us at [email protected]
Withdrawal of consent
You may withdraw any consent that you have provided to us at any time by giving written notice to 1 Stop Rec Limited t/a DBS Solutions by emailing at the following address [email protected]
You may withdraw your consent for us to use your personal data as set above at any time by contacting us using the details above, and we will delete your data from our systems. However, you acknowledge this may limit our ability to provide the best possible services to you.
Access to your personal information
Under GDPR, you have:
- The right to request access to, deletion of or correction of, your personal data held by Us;
- The right to complain to a supervisory authority (for example the Information Commissioner’s Office known as ICO whose contact details can be found here https://ico.org.uk/global/contact-us/);
- Be informed of what data processing is taking place;
- The right to restrict processing;
- The right to data portability;
- Object to processing of your personal data;
- Rights with respect to automated decision-making and profiling (see below).
Automated Decision-Making and Profiling
In the event that we use personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing your own point of view, and obtaining an explanation of the decision from us.
The right described above does not apply in the following circumstances:
- The decision is necessary for the entry into, or performance of, a contract between the you and us;
- The decision is authorised by law; or
- You have given your explicit consent.
Where We use your personal data for profiling purposes, the following shall apply:
- Clear information explaining the profiling will be provided, including its significance and the likely consequences;
- Appropriate mathematical or statistical procedures will be used;
- Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
- All personal data processed for profiling purposes shall be secured in order to prevent discriminatory effects arising out of profiling.
To read our Statement of Fair Processing, please refer to our website. [email protected]
To read our Cookies Policy Statement, please refer to our website. [email protected]
To read our Support Policy Statement, please refer to our website. [email protected]