Privacy Policy

GDPR applies consistently across the EU. TonyG Ltd’s policies will need to continue to evolve to take account of any future guidelines issued, as well as developing our experience of applying the law in practice. We intend to keep guidance under review and update it in light of relevant developments and feedback.

The GDPR sets a high standard for consent and this means people must be offered genuine choice and control over how companies use their data. In line with GDPR, TonyG Ltd must seek consent from you freely for the personal data we hold and give you a clear explanation why we hold this data. The consent will now be on going and we are required by law to refresh consent periodically and keep records of the consent given.

Responsibilities

TonyG Ltd treats the privacy of its staff, sub-contractors, clients and website users very seriously and we will take appropriate security measures to safeguard your privacy. This policy explains how we protect and manage personal data you share with us and that we hold about you in accordance with UK and EU law in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Regulation 2018.

The Compliance Manager, Liz O’Donnell, is responsible for ensuring that this notice is made available to all employees and Sub-Contractors and for ensuring that this notice is drawn to the data subject’s attention and their consent to the processing of their data is secured.

Who we are

Our registered office is: Tony G Limited, 4 The Barford Exchange Wellesbourne Road, Barford, Warwick, Warwickshire, CV35 8AQ. The company is registered in England and Wales 04680112.

TonyG Ltd operates from: Unit 1 Brook Business Park, Brookhampton Lane, Kineton, Warwickshire. CV35 0JA. TonyG Ltd is a data controller and processor.

Information collection on a lawful basis

All organisations need a legal reason to use your personal information. If they don’t have one, they cannot use it. There are however a number of legal reasons that enable the data that is being collected and processed to be used on a lawful basis.

TonyG Ltd will only collect and process data that is necessary. We collect and process it on a lawful basis as set out by the GDPR. For example there may be situations where we need to use your information to comply with legal obligations for the purpose of business or operational use. There may also be situations where we require it for contractual purposes. For example when you order products and services from us, we will need to process your information to administer that transaction. The data will be necessary for payroll purposes and for the vital interests of delivering health and safety services to our employees and sub-contractors. We may also use the data for audit and analysis and for tasks such as arranging work, travel logistics, training or medical reports but only where the activity doesn’t negatively affect your rights.

Your consent

There may be activities where we process personal information with your consent. If consent is required it will ask for it be renewed regularly to ensure that it is current and accurate.

You are able to withdraw your consent at any time. You also have the right to object, erase, or restrict our processing of your information. We do however, rely on your consent and if it is withdrawn, you must be aware that we may not be able to provide the product or service you have requested.

If this is the case, we will carefully consider and act upon your request. However it may be the case that we may still have legal rights to carry out the processing activity on a lawful basis. Each case will be considered individually.

What data we collect

When you interact with our organisation we collect information about you and our interaction. This is in order to provide you with the products and services you have requested, including responding to any enquiries, complaints or requests you may have. It enables us to manage our relationship with you, and support the provision of linked services such as joint interactions with clients and suppliers.

We may send you product or service related communications and messages, or information in order to facilitate a sale.

We will tailor our service to the preferences that you share with us, depending on the individual requirement but generally the data we collect may include any of the following:

  • Your personal details: such as name, date of birth, national insurance number.
  • Contact information: such as address, telephone numbers, and email.
  • Next of kin and / or emergency contact name and numbers.
  • Passport, Driver License, driving insurance certificate and vehicle details.
  • Details of your interaction with the Company regarding Health & Safety records.
  • Occupational health data – details of medical issues, medical reports.
  • Qualifications and Training records.
  • Accident data.
  • Enforcement notices from external agencies.
  • Internal meeting records / internal safety alerts.
  • Sub-Contractor Public & Product Liability Indemnity Insurance Certificate.
  • Asset / audit records
  • Details for any necessary Personal and Protective Equipment.
  • Information about our use of your products or services.
  • Email conversations when you contact us.
  • Historical data regarding previous contracts.

When and how we collect your information

We may collect information you provide to us directly and indirectly when interacting with our products and services. This may include when you:

  • Make an initial approach to us by email or on the phone or by post.
  • Fill out our forms or register interest with us.
  • Interact with us by phone or online by email, or by text, or on social media.

Who can access the data?

The data can be accessed by yourselves (by a Data Subject Access Request) and by TonyG Ltd employees for the purposes of support. Access is secured and restricted to specific role dependent personnel. This data can be viewed by authorised staff at TonyG Ltd to:

  • Contact staff and sub-contractors when necessary.
  • Contact next of kin in an emergency.
  • Process salaries, payments and pension schemes.
  • Ensure that appropriate Insurances and legal cover is in place.
  • Arrange parking and access purposes.
  • Ensure that relevant qualifications and training is in place, upheld and maintained.
  • Ensure that staff and contractors are not placed in any situation that would be detrimental to their health.
  • Issue any necessary Personal and Protective Equipment.

Deliver vital Health and Safety Services.

Who do we share this data with?

Data is shared only when necessary. This may be with third parties such as government agencies, health and safety consultants such as Southalls or clients and suppliers in order to arrange work and travel logistics, training purposes or medical reports. This may also include when we interact with anyone who promotes our products, brands, or services.

Third parties will use your information in accordance with their own privacy policies. It is advisable that you read the privacy policies of the third parties we use.

We may also obtain information about you from other companies that have your permission to share your information both online and offline, for example for the purposes of obtaining a reference.

These processors can only use your information in accordance with our instructions and for the purposes stated in this policy. The data will only be shared for legitimate and lawful reasons and it may be used for reasons other than that for which it was originally collected.

Data transfers

When you use our services, we may transfer your information to our processors – other companies that carry out activities on our behalf, and only on our instructions.

Cross-border data transfers

The information that we collect may be stored and processed in and transferred between any countries in which our business needs to operate.

If there is a requirement for personal data to be transferred outside of the European Economic Area (EEA), TonyG Ltd will consider the requirements of the Data Protection eighth principle and ask for your consent first.

In the event of sale or restructure of business

If we restructure or sell all or part of our business or business operations, we may transfer your information as part of that activity. If this is the case your information will be used in accordance with this policy unless you are notified otherwise.

Direct marketing

In addition to sending you information about the products and services you use, and where we have your permission, we may also send you direct marketing communications about our products, services, events and offers. Direct marketing communications may be sent by post, email, telephone, social media (such as WhatsApp, Instagram, Twitter, and Facebook).

We may send you direct marketing while you have an on-going relationship with us and for a reasonable time after you have used one of our products or services. You will be able to opt-out of direct marketing by following the instructions in the communications you receive or changing your device settings. We won’t share your information with any other organisations for marketing, market research or commercial purposes. We currently do not maintain a marketing database.

Disclosures required by law

We may need to pass on your personal information if by law we have a legal obligation to do so and / or for the detection and prevention of crimes, such as fraud.

TonyG Ltd will protect or enforce our rights or the rights of others as much as possible and limit what data we share to protect the privacy of those concerned. We stipulate that any data shared will be for specific purpose only and no consent is given for any data sharing beyond that specific purpose.

Keeping your data secure

Sending information over the Internet is generally not completely secure, and we can’t guarantee the security of your data while it’s in transit. ANY DATA YOU SEND IS AT YOUR OWN RISK.

TonyG Ltd takes reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We will store all the personal information you provide on secure servers.

Who owns the data?

You are the owner of the data we gather and store.

Data subject access requests

You can find out what information we hold about you, and/or ask us not to use any of the information we collect by making a Data Subject Access Request. If you have any comments, concerns or complaints about our uses of your information, we would ask that you contact us so that we can try and resolve any matter. TonyG Ltd will comply with any Data Subject Access Requests that we receive. You can make a Data Subject Access Request or raise any issues with the TonyG Ltd Compliance Manager: Liz O’Donnell, by email: compliance@tonyg.co.uk

We may need to verify the identity of the person making the request before any classified information will be released. We will require to see 3 forms of identification:

  • Passport.
  • Driving Licence.

A recent utility bill before confirming name and address.

Fees

A copy of the information will be provided free of charge. If the request is repeated, excessive or manifestly unfounded, TonyG Ltd will charge a £50 fee based on the administrative cost of providing the information. The fee must be paid before the information will be provided.

How long will the request take?

The information will be provided within one month of a written request and a receipt of appropriate funds. TonyG Ltd maintain the right to extend the period of compliance by a further two months where requests are complex or numerous. If this situation is the case, we will inform the individual within one month of the receipt of the request and explain why the extension is necessary.

How will the information be provided?

It will be provided electronically.

Monitoring and risk review

If you have any further questions regarding data security and legal compliance, please contact us on: info@tonyg.co.uk.

All security measures including those that protect integrity and confidentiality and data access restrictions are regularly reviewed to ensure a high standard of compliance, and that they remain up to date, effective, and applicable. TonyG Ltd can update our policies, terms and conditions at any time without notice.