It is important for us to process and use your data only in accordance with the prevailing privacy and data protection legislation (including the EU General Data Protection Regulation (GDPR), the Privacy and Electronic Communication Regulations (PECR) and the Data Protection Act 2018) and your expectations, and to be transparent with you in how we process and use your data.
2. WHO WE ARE
We are an international supplier providing services, as set out on our website, to the facilities and premises owned by our clients. From humble beginnings as a small family business over 100 years ago, we’ve grown our specialisms and expertise to offer a range of high quality, sustainable and internationally accredited services. As a private, family-owned business we are not like public limited companies. Where other companies must focus on meeting
3. WHAT DATA WE COLLECT
In connection with the different ways we may interact with you and the various services that we provide, we collect the following categories of data:
C1: Contact information: including name, address, telephone number
C2: Identity data: including gender and
C3: Communication data: between you and us, including recordings of calls to our service
C4: Digital information data: collected when you visit our websites, applications or other digital platforms, including IP addresses, browser data, traffic data, social media
4. WHERE WE COLLECT YOUR DATA FROM
Most of the data that we have about you are provided by you. We collect C3 and C4 data from our websites, applications and similar digital platforms.
5. USE OF YOUR INFORMATION
Description: We use C1, C2 and C3 data to ensure that we can supply the goods or services you have requested. We may provide such information by electronic or other means.
Legal basis: We use such data as part of our business relationship. Further, we use such data to provide you with other information necessary to
Disclosure: We may disclose C1 and C2 data to our corporate partners, as they may need this information to communicate with you and to provide support and assistance.
Description: We use C1, C2 and C4 data to provide you with newsletters from us about our products and services.
Legal basis: Our use of such data is based on our legitimate interests in providing you with relevant information to promote our products and services. You may opt out of receiving such information at any time.
Disclosure: We may process your data to enable us to send you relevant information to promote our products services.
Description: We may use and compile C1, C2, C3 and C4 data for profiling purposes. Profiling is an automated processing of personal data where your personal data is used to evaluate,
Legal basis: We carry out profiling to
Disclosure: We will not disclose the profiles we have generated based on your data to third parties other than any member of our group.
Description: We may carry out video surveillance on premises and store C4 data to prevent crime and ensure your safety.
Legal basis: We carry out video surveillance that is necessary to
Disclosure: We will not disclose video surveillance footage to third parties unless required by law or on request from authorities.
6. HOW LONG WE STORE YOUR DATA FOR
We will only store your data for as long as it is necessary to
We will store your C1, C2, C3, and C4 data from the point for the duration of our contractual relationship and up to a period of three years after our contractual relationship has ended, if we believe this is necessary to handle potential complaints or claims. We may store your data longer if you wish for us to keep your data and you have consented to this.
We will store C4 data as required by applicable law.
We will store your C1, C2, C3
We store video surveillance footage for a period of 48 hours. If we deem it necessary to deliver video surveillance footage to the police due to a criminal incident or similar, we may store the video surveillance footage for 30 days.
7. INTERNATIONAL TRANSFER OF DATA
OCS provides services worldwide and has operations and partners in Asia,
We have affiliates, branch offices, agents and corporate partners that are established in these jurisdictions outside of the European Economic Area to which we may transfer data, as described in section 5 above. We will ensure that your data is adequately protected by the receiving parties in such countries. Adequate protection may typically be to impose on the receiving party contractual obligations that ensure that it maintains the same level of privacy and data security as
8. DISCLOSURE OF YOUR INFORMATION
Where you have provided us with your details for marketing purposes, we may also allow other companies in our group, to contact you occasionally about related products and services which may be of interest to you. They may contact you by post and telephone, as well as by email. If you change your mind about being contacted by these companies in the future, please let us know.
If we pass your information to non-EEA/International
Finally, if our business or part of it enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
We take appropriate measures to ensure that any personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an
10. EXERCISING YOUR RIGHTS
Under the prevailing privacy and data protection legislation, you have a number of important rights. These are as follows:
oYour right to request access to your data and information about processing (subject access request)
oYour right to correct any errors in your information (right to rectification)
oYour right to request erasure of your data from our systems and files – i.e. from our mailing lists (right to withdraw consent)
oYour right to object to data processing (place restrictions on our processing of your data)
oYour right to object to
oYour right to be forgotten
oYour right to data portability – where we are processing data that you have provided to us, on the basis of consent or as necessary for the performance of a contract between us, you have the right to ask us to provide your data in an appropriate format to you or to another controller.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us via the details below.
If you wish to make a complaint about how your personal data is being processed by OCS Group (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and OCS Group’s data protection representatives. Please see the relevant contact details below.
13. CONTACT DETAILS
By post: O.C.S. Group Limited, 4 Tilgate Forest Business Park, Brighton Road, Crawley, RH11 9BP, UK
By email: ITCompliance@OCS-group.com
Supervisory authority: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF, United Kingdom. Tel: +44 (0) 303 123 1113