All data subjects whose data is processed by Clearsprings Ready Homes Limited, part of the Clearsprings Group.

The Data Protection Officer is responsible for ensuring that this notice is placed in front of potential data subjects prior to Clearsprings Ready Homes Limited collecting/processing their personal data.

All Employees of Clearsprings Ready Homes Limited / Clearsprings Group who interact with data subjects are responsible for ensuring that this notice is drawn to the data subject’s attention and consent to the processing of their data is taken as necessary.

The personal data we collect will be used for the following purposes:

To comply with the contractual requirements of our clients (Data Controllers)

To comply with relevant UK employment, environmental and safety legislation

To protect the vital interests of the data subject

To comply with the Data Controllers requests in respect of the public interest

The pursuit of legitimate interests by the controller

For data to be used for any additional purposes specific consent will be required, and by consenting to this, you are giving us permission to perform those actions.

Read more about how and why we use your data at www.ready-homes.co.uk.

You may withdraw consent at any time by contacting the Data Protection Office (DPO) for the Clearsprings Group at dpo@clearsprings.co.uk, or via the companies Head Office on 01268 740200. Please note that the withdrawal of consent will not prevent the company from continuing to comply with the lawful purposes described above and will only relate to any specific / explicit consent given for additional purposes.

Under the EU’s General Data Protection Regulation: 

Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Special Categories of Personal Data

Certain data are classified under the Regulation as ‘special categories’:

Racial

Ethnic origin

Political Opinions

Religious Beliefs

Trade-union membership

Genetic Data

Biometric Data

Health Data

Data concerning a natural person’s sex life

Sexual orientation

Other

Consent is required for Clearsprings Ready Homes Limited and Clearsprings Group to process both types of personal data outside of our established contractual requirements with the Data Controller, but it must be explicitly given. Where we are asking you for sensitive personal data we will always tell you why and how the information will be used.

Clearsprings Group collects, store and process personal data for our property management services we need to collect personal data for identification purposes and/or detailed service provision as required by the relevant Data Controller.

We are committed to protecting the personal data of our customers, staff, and suppliers and we always ensure that the information we collect, and use is appropriate for this purpose, and does not constitute an invasion of your privacy. 

We take appropriate technical and structural security measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

We may pass on personal data to our service providers who are contracted to Clearsprings Group. Our contractors are obliged to keep details secure and use them only to fulfil the services they provide on our behalf. Our contractors dispose of the details in line with Clearsprings Group’s procedures once the service is fulfilled.

We protect data and take appropriate measures when personal data is being transferred within and outside the business, as well as to other authorities.

We will notify relevant authorities of any personal data breaches within required timelines of becoming aware of the breach and notify affected data subjects, where required, in respect of a serious breach, always respecting and complying with the statutory rights available to data subjects.

We ensure appropriate data protection responsibilities are contained in the written contracts we have with all third parties to whom we disclose, or from whom we receive personal data 

We only pass on sensitive personal data to third parties with data subject consent unless we are legally required so to do.

Clearsprings Group collects, stores and processes personal data in a manner that is compatible with the EU’s General Data Protection Regulation (GDPR). We keep information that is accurate and up to date and we do not keep it for longer than is necessary. In some instances, the law sets the length of time information has to be kept, but in most cases Clearsprings Group will use its discretion to ensure that we do not keep records outside of our normal business requirements.

Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information we process is subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.

We put this policy into practice by applying policies, standards, operating procedures and processes so that we secure and fairly process personal data.

Document Owner and Approval

The Data Protection Officer is the owner of this document and is responsible for ensuring that this procedure is reviewed in line with the requirements of the GDPR. 

A current version of this document is available to all members of staff on Sharepoint and is published by the Quality Manager / DPO.

This procedure was approved by the Group Managing Director on 21st May 2018 and is issued on a version-controlled basis under his signature.

Signature: Nigel Couchman Date: 21.05.2018

Change History Record