Policy on data protection
1. Policy Statement
Vision Support Trading Limited is fully committed to compliance with the requirements of the Data Protection Act 1998 (DPA) which came into force on 1st March 2000. This legislation regulates the use of personal data and gives effect in UK law to the European Directive on data protection (the Data Protection Directive 95/46/EC). The Act and the Directive aim to give individuals rights in connection with the processing of manual and computerised personal data and on the movement of such data.
Vision Support Trading Limited is required to maintain certain personal data about individuals for the purposes of satisfying our operational and legal obligations. We recognise the importance of correct and lawful treatment of personal data as it helps to maintain confidence in our organisation and to ensure efficient and successful outcomes when using this data.
The DPA applies to personal data in computerised, manual or any other format, as long as the data is in a system that allows the information to be readily accessible.
The types of personal data that we may process include information about current, past and prospective employees; client end users; suppliers and other organisations with whom we have dealings.
As a social enterprise company committed to providing the best possible service to our customers and those affected by sight loss we will ensure that all personal information is handled fairly and lawfully with due regard to confidentiality and in accordance with the principles of the Data Protection Act 1998.
2. Data Protection Principles
We endorse and adhere to the eight principles of the Data Protection Act 1998 which specify that data must:
- be fairly and lawfully processed;
- be obtained for a specified and lawful purpose and not be processed in any manner incompatible with that purpose;
- be adequate, relevant and not excessive for those purposes;
- be accurate and, where necessary, kept up to date;
- only be kept for as long as necessary for the purpose for which it was obtained;
- be processed in accordance with the data subject’s rights;
- be kept secure from unauthorised or unlawful processing and protected;
- not be transferred to a country or territory outside the European Union without adequate protection.
3. Types of Data
The DPA lays down conditions for the processing of any personal data and makes a distinction between personal data and “sensitive” personal data.
Personal data is defined as data relating to a living individual who can be identified from that data; or from that data and other information which is in the possession of, or is likely to come into the possession of the data controller and includes an expression of opinion about the individual and any indication of the intentions of the data controller, or any other person in respect of the individual.
Sensitive data is defined as personal data consisting of information regarding an individual’s racial or ethnic origin; religion or belief; political opinion; trade union membership; sexual orientation; criminal record; age, mental or physical health.
Vision Support Trading Limited holds information on:
- Employees
- Customers/clients
- Client end users
- Business contacts

4. Handling of Personal/Sensitive Information
Vision Support Trading Limited will, through appropriate management and the use of strict criteria and controls:-
- Observe fully the conditions concerning the fair collection and use of personal information;
- Specify the purpose for which information is used;
- Collect and process information only to the extent that it is needed to fulfil operational needs or legal requirements;
- Endeavour always to ensure the quality of information used;
- Not keep information for longer than required operationally or legally;
- Always endeavour to safeguard personal information by physical and technical means (i.e. keeping paper files and other records or documents containing personal/sensitive data in a secure environment; protecting personal data held on computers and computer systems by the use of secure passwords which, where possible, are changed periodically and ensuring that individual passwords are not easily compromised);
- Ensure that personal information is not transferred abroad without suitable safeguards;
- Ensure that the lawful rights of people about whom the information is held can be fully exercised.
In addition, Vision Support Trading Limited will ensure that:
- There is someone with specific responsibility for data protection in the organisation (the designated Data Controller) – currently the Managing Director;
- Reasonable steps are taken to ensure the reliability of employees having access to personal information;
- All staff managing and handling personal information understand that they are contractually responsible for following good data protection practice;
- All staff managing and handling personal information are appropriately supervised and made aware of their legal responsibilities;
- Computer terminals are placed in such a way that screens displaying personal information are not in public view and cannot be seen by passers-by;
- Laptops and other portable devices are protected so that information cannot be accessed if they are lost or stolen;
- A clear procedure is in place for anyone wanting to make enquiries about handling personal information, whether a member of staff or a member of the public and that such enquiries are promptly and courteously dealt with;
- Methods of handling personal information are regularly assessed and evaluated.
By law Vision Support Trading Limited has to provide employee liability information to any organisation that employees are transferred to in line with the Transfer of Undertakings Regulations (TUPE).

5. Access to Personal Data
All individuals who are the subject of personal data held by us are entitled to:
- Ask what information we hold about them and why
- Ask how to gain access to it
- Be informed how to keep it up to date
- Have inaccurate personal data corrected or removed
- Prevent us from processing information or request that it is stopped if the processing of such data is likely to cause substantial, unwarranted damage or distress to the individual or anyone else
- Require us to ensure that no decision which significantly affects an individual is solely based on an automated process for the purposes of evaluating matters relating to him/her, such as conduct or performance
- Be informed of what we are doing to comply with our obligations under the DPA
This right is subject to certain exemptions which are set out in the Data Protection Act. Any person who wishes to exercise this right should make the request in writing to the Managing Director.
We reserve the right to charge the maximum fee payable for each subject access request. If personal details are inaccurate, they will be amended upon request. If by providing this information we would have to disclose information relating to or identifying a third party, we will only do so provided the third party gives consent, otherwise we may edit the data to remove the identity of the third party.
We aim to comply with requests for access to personal information as quickly as possible but will ensure it is provided within 40 days of receipt of a written request.
Personal information will only be released to the individual to whom it relates. The disclosure of such information to anyone else without their consent may be a criminal offence. Any employee who is in doubt regarding a subject access request should check with the Managing Director. Information must under no circumstances be sent outside of the UK without the prior permission of the Managing Director.

6. Employee Responsibilities
All employees must ensure that, in carrying out their duties, Vision Support Trading Limited is able to comply with its obligations under the DPA. In addition, each employee is responsible for:
- Checking that any personal data that s/he provides to us is accurate and up to date;
- Informing us of any changes to information previously provided, e.g. change of address;
- Checking any information that we may send out from time to time, giving details of information that is being kept and processed;
- If, as part of their responsibilities, employees collect information about other people or about other employees, they must comply with this policy. This includes ensuring the information is processed in accordance with the DPA, is only processed for the purposes for which it is held, is kept secure, and is not kept any longer than is necessary;
- Staff who misuse personal information will be subject to the organisation’s disciplinary procedure.
Employees are reminded that the DPA does not just apply to records held relating to our employees, but also to any client end users. Information stored on client end users should be reviewed regularly to ensure it is accurate and up to date. All documents, whether handwritten or stored in emails (current or deleted), are potentially disclosable in the event of a request from an employee or service user.

7. Data Security
The need to ensure that data is kept securely means that precautions must be taken against physical loss or damage, and that both access and disclosure must be restricted.
All staff are responsible for ensuring that any personal data which they hold is kept securely and that personal information is not disclosed either orally or in writing or otherwise to any unauthorised third party.

8. Publication of Information
Information that is already in the public domain is exempt from the 1998 Act. This would include, for example, information on staff contained within externally circulated publications such as brochures and other sales and marketing aids.
Any individual who has good reason for wishing details in such publications to remain confidential should contact the Managing Director.

9. Subject Content
The need to process data for normal purposes will be communicated to all data subjects.
Our contracts of employment require the consent of employees to the processing of personal data for the purposes of administering, managing and employing our staff. This includes: payroll, benefits, medical records, absence records, sick leave/pay information, performance reviews, disciplinary and grievance matters, pension provision, recruitment, family policies (maternity, paternity, adoption, etc.) and equal opportunities monitoring.
In some cases, if the data is sensitive, for example information on health, race, or gender, express consent to process the data will be obtained. Such processing may be necessary to comply with some of our policies such as Health and Safety and Equal Opportunities.
Information about an individual will only be kept for the purposes for which it was originally given.

10. Retention and Disposal of Data
All employees are responsible for ensuring that information is not kept for longer than necessary.
Documents containing any personal information will be disposed of securely.

11. Registration
Vision Support Trading Limited is registered in the Information Commissioner’s public register of Data Controllers.
The Data Protection Act 1998 requires every Data Controller who is processing personal data, to notify and renew their notification, on an annual basis. Failure to do so is a criminal offence. The Managing Director is responsible for notifying and updating the Information Commissioner of our processing of personal data.

12. Implementation, Monitoring and Review of this Policy
This policy will take effect from 1 August 2008. The Managing Director has overall responsibility for implementing and monitoring this policy, which will be reviewed on a regular basis following its implementation (at least annually) and additionally whenever there are relevant changes in legislation or to our working practices.
Any questions or concerns about the interpretation or operation of this policy should be taken up in the first instance with the Managing Director who is responsible for ensuring compliance with the Data Protection Act and implementation of this policy.
This policy is not contractual but indicates how Vision Support Trading Limited intends to meet its legal responsibilities for data protection. Any breach will be taken seriously and may result in formal disciplinary action.
Any employee who considers that the policy has not been followed in respect of personal data about themselves should raise the matter with his/her line manager or the Managing Director.