This site uses cookies to bring you the best experience. Find out more
Skip to main content

Privacy Policy

Introduction

Here at Torishima Service Solutions Europe Ltd we take your privacy very seriously. This privacy notice tells you who we are, what personal data we may collect, process, and where appropriate, share, in relation to you and your relationship with us. We take all necessary steps to protect data you share with us to ensure that your privacy is maintained. The introduction of the General Data Protection Regulation (GDPR) requires us to state our obligations to you to ensure your personal data is protected. We must also tell you about your rights regarding how you access your data, your right to erasure and rectification of any errors. Further information on your rights regarding data protection can be found on the website of the Information Commissioner’s Office (ico.org.uk).

Who We Are

We/us/our are Torishima Service Solutions Europe Limited, and our registered office is Unit 3, M8 Interlink Estate, Kirkshaws Road, Coatbridge, ML5 4RP.

Lawful Basis for Processing Personal Data

We must have a lawful basis to process personal data as well as outlining the purposes for which that processing takes place.

Our lawful basis (bases) for processing personal data will be:-

  1. Where the processing is carried out in accordance with a contractual obligation between you and us.
  2. With your consent.
  3. Where we are required to fulfil a legal requirement.
  4. Where the processing is required to protect the vital interests of the data subject or of another natural person.

What Type(s) of Information We May Collect

  1. Personal details which will include your name (including any middle names) or any other name you may have been previously known by, your date of birth, your contact details including your home address and any former addresses, telephone numbers, email addresses, your marital status, and other identifiers such as your passport and driving licence numbers (including the retention of copies of such documents).
  2. Sensitive information, (categorised under GDPR as special categories of information) such as health information as part of our obligations to ensure your health and welfare within the work environment.
  3. Bank account details and payment card details for the purposes of making or receiving payments, paying salaries, and complying with our obligations to tax authorities.
  4. Your employment history, qualifications, and details from any references you may provide to enable us to establish your suitability for employment with us.
  5. Financial information required to ensure our compliance with any obligations under Proceeds of Crime legislation.

What Processing of Personal Data We May Do

We will collect and process information about you in the following circumstances:

  1. Information you provide to us:
    1. When you apply for a position of employment (part-time, full-time, agency, or temporary) to
      assess your suitability for the position.
    2. When you enquire about or purchase any of our products or services to provide that product
      or service to you.
    3. When you send an email, letter, fax or telephone us for any reason to allow us to respond to
      you.
       
  2. Information we may gain because of the relationship between you and us:
    1. We may record telephone conversations both to and from us.
    2. Website activity including cookies and IP addresses.
       
  3. Information we gain from other sources about you:
    1. Credit Reference Agencies.
    2. Fraud Prevention Agencies.
    3. Medical Practitioners.
    4. Electoral Roll.
    5. Government agencies.
       
  4. To comply with any legal obligation as a consequence of a lawful order of a court of law or other
    competent authority.
     
  5. To share with other business functions within our group of companies.
     
  6. To share with third parties who we may employ to support the delivery of any of our services or
    products to you.
     
  7. We will not share your data for the purposes of direct marketing.

Why Your Information Will be Processed

  1. Where the processing is carried out in accordance with a contractual obligation between you and us.
  2. Where we are required to fulfil a legal requirement.
  3. Where the processing is required to protect the vital interests of the data subject or of another natural person.
  4. Where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  5. We will also process your information to ensure that our requirement to document our processing activity for the purposes of audit, either internally or externally, complies with Regulations.

Subject Access Requests

You have a right to obtain a copy of personal data we hold. You have the right to obtain:

  • Confirmation from us that we are processing your personal data.
  • A copy of your personal data.
  • Any other supplementary information, which will include:
    • the purposes of our processing;
    • the categories of personal data concerned;
    • the recipients or categories of recipient we disclose the personal data to;
    • our retention period for storing your personal data or, our criteria for determining how long we will store it;
    • the existence of your right to request rectification, erasure or restriction or to object to such
      processing;
    • the right to lodge a complaint with the ICO or another supervisory authority;
    • information about the source of the data, where it was not obtained directly from the
      individual;
    • the existence of automated decision-making (including profiling); and
    • the safeguards we provide if we transfer personal data to a third world country or international organisation.

Fees for Processing a Subject Access Request (SAR)

Fees for making a subject access request will not be payable, unless the following circumstances apply:

  • The request is manifestly unfounded;
  • The request is excessive;
  • Additional copies of data already provided under a subject access request are requested.

Your Right to Rectification

Where you believe that personal data we hold is inaccurate you have the right to have the errors rectified. If this is the case, please contact the Office Manager with details of the errors and we will have the errors amended and notify you when this change has been processed. We will complete this change within one calendar month.

In certain circumstances we may disagree that data we hold is inaccurate, and where you disagree with this decision you may make a complaint to the ICO, or the appropriate supervisory authority.

Your Right to Erasure

You may make a request for your data to be erased from our systems. This is not an absolute right as there may be reasons why we are unable to erase your data. Please contact our Office Manager for further guidance.

Your Right to Restrict Processing

You may request us to restrict the processing of your personal data in certain circumstances. This is not an absolute right therefore please contact our Office Manager for further information.

Your Right to Object to the Processing of Personal Data

You have several rights where you can object to the processing of personal data:

  • You have an absolute right to stop your data being used for direct marketing purposes;
  • Other circumstances in the processing of your personal data can be objected to. For further information refer to the website of the Information Commissioners Office (ico.org.uk).

Data Protection Officer

We have taken the decision not to appoint a Data Protection Officer due to the limited amount of personal information we may collect. However, any information that is collected will still be kept in a secure environment and will be overseen by our Office Manager.

Complaints

If you have any cause for complaint in the way your data is processed, then please contact our Office Manager detailed above at your earliest opportunity.

You may also make a complaint to the local supervisory authority, e.g in the UK this is the Information Commissioners Office (ICO who can be contacted at ico.org.uk

Policy Updates

This policy will be subject to review and may be updated or amended to ensure that it remains compliant with any changes to organisational or legislative requirements.

This policy will be used as documentary evidence for compliance with the Data Protection Act 2018.

Disposal of Documents Containing Personal Data

Hard Copy (Paper) Documents

Paper documents containing personal data must NOT be disposed of by placing in a wastepaper basket. They MUST be placed in the confidential waste cabinets. On collection by an appointed sub-contractor, the documents will be safely and securely shredded and destroyed.

Legal documents shall be disposed of in accordance with the requirements laid down by the relevant regulatory bodies.

Shredding must be used to dispose of 'contract' or 'consent' documents.

Electronic Documents & End of Life Devices

Documents should be deleted when they are no longer required.

When an existing device is to be re-used by a new/different employee, all personal data must be deleted from the device prior to being assigned.

All end of life devices and hard disks will be sent to an external company for certified data deletion and destruction/re-use of the particular device.

 

Dated: February 2019

Torishima Case Studies

Torishima Latest News