Privacy Policy

Verovian Consultancy Limited (“The Company”, "We", "Us", "Our", "Verovian Agency" ) are committed to protecting and respecting your privacy.

Please take a moment to read this privacy policy carefully. Contact us on [email protected] if you have any questions about this privacy policy.

Last updated 22nd May 2018

In performing its duty and business functions, The company requires to process "personal data" within the meaning of Data Protection Acts 1988 and 2003 ("the Acts").  In the pursuit of a high standard of compliance and respect for those with whom we have relationship, we set out below our Data Protection Policy for all employees of our company. 

This policy (together with our terms of business or terms of engagement or www.verovian.com and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act 1998 (the Act), the data controller is Verovian Consultancy Limited (as appropriate) “the Company” Registered address of 1st Floor, 7-9 Hythe Street, Dartford, Kent. DA1 1BE  [Our nominated representative for the purpose of the Act can be contacted at [email protected]]

ACCEPTANCE OF PRIVACY POLICY

By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy. Where we require your consent to process your personal information, we will ask for your consent to the collection, use, and disclosure of your personal information as described further below. We may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify Verovian Agency's privacy practices or may provide you with additional choices about how Verovian Agency processes your data.

If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

1. Objective:

The objective of this code is to disclose, in a transparent way, how The Company respects absolutely the privacy of all of those whose Personal Data we are obliged to hold and we are conscious of our obligations regarding the collection, storage, legitimate and lawful processing of all such Data. We hold as central a respect for privacy and commit to upholding our duties towards the Data held in accordance with strict compliance with the Data Protection Acts.

We also aim to communicate that The Company obtains and processes Personal Data  in such transparent manner that anyone who provides Personal Data to us can clearly understand our practices and procedures and invoke their legal rights in a clear and efficient manner. This Code also sets out our approach to dealing with Data Access Requests under Section 4 of the Data Protection Acts.

2. Type of Personal Data Verovian Agency holds:

We collect the following types of information:

• Personal Identification Information: Full name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address and email.
• Formal Identification Information: Tax ID number (National Insurance or PPSN), passport number, driver’s license details, national identity card details, photograph identification cards, and/or visa information.
• Financial Information: Bank account information and/or tax identification.
• Transaction Information: Information about the transactions you input on our database, make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp.
• Employment Information: Shift location, Job Location, job title, and/or description of role.
• Online Identifiers: Geo location/tracking details, browser fingerprint, OS, browser name and version, and/or personal IP addresses.
• Usage Data: Survey responses, information provided to our support team, public social networking posts, authentication data, security questions, user ID, click-stream data and other data collected via cookies and similar technologies
• Other to include: Education Status | Employment Status   | Services or Support received | Time Sheets | Hours worked | Holiday request forms | Bookings agreed | Sanctions and Disciplinary | Professional Status

3. Obligation:

In the course of carrying out our business, it is not envisaged that there will be a requirement  to  or permit access to the Personal Data held by us to any third party, save where that third party has a legal right entitlement to enter our premises and so enquire and oblige disclosure, on foot of a Court order or where a third party is supplying us with a service which is relevant to the purposes for which the Data is being held (for example if our payroll were to be outsourced to a third party). At all times a third party will be obliged to disclose their Data Protection Policy.

4. Action to your personal data:

  Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customised experience. In addition to booking shifts for you / looking for job placement in your expertise field; we use personal information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes. We may use this information in the following ways:

• To enforce our terms in our user agreement and other agreements

Verovian Agency handles very sensitive information, such as your identification and financial data, so it is very important for us and our customers that we are actively monitoring, investigating, preventing and mitigating any potentially prohibited or illegal activities, enforcing our agreements with third parties, and/or violations of our posted user agreement or agreement for other Services. 

• To provide Verovian Agency's Services

We process your personal information in order to provide the Services to you. For example, when you want to book shifts in a location close to your home, you wish to register to new companies and you wish to avoid booking with certain companies that use certain PMR you may not want to work with, we require certain information such as your address, contact information, and payment information. We cannot provide you with Services without such information.

• To provide Service communications

We send administrative or account-related information to you to keep you updated about our Services, inform you of relevant security issues or updates, or provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your account that may affect how you can use our Services.

• To provide customer service

We process your personal information when you contact us to resolve any questions, disputes, chase up unpaid fees, or to troubleshoot problems. We may process your information in response to another customer’s request, as relevant. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.

• To ensure quality control

We process your personal information for quality control and staff training to make sure we continue to provide you with accurate information. If we do not process personal information for quality control purposes, you may experience issues on the Services such as inaccuracy in your records or other interruptions. Our basis for such processing is based on the necessity of performing our contractual obligations with you.

EEA Residents: For all of the above categories, excluding the first bullet point, pursuant to EEA Data Protection Law, we process this personal information based on our contract with you.

• To ensure network and information security

We process your personal information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable security laws and regulations. The threat landscape on the internet is constantly evolving, which makes it more important than ever that we have accurate and up-to-date information about your use of our Services. Without processing your personal information, we may not be able to ensure the security of our Services.

EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legal obligations.

• For research and development purposes

We process your personal information to better understand the way you use and interact with Verovian Agency's Services. In addition, we use such information to customise, measure, and improve Verovian Agency’s Services and the content and layout of our website and applications, and to develop new services. Without such processing, we cannot ensure your continued enjoyment of our Services. Our basis for such processing is based on legitimate interest.

EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.

• To enhance your website experience

We process your personal information to provide a personalised experience, and implement the preferences you request. For example, you may choose to provide us with access to certain personal information stored by third parties Without such processing, we may not be able to ensure your continued enjoyment of part or all of our Services.

EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.

• To facilitate corporate acquisitions, mergers, or transactions

We may process any information regarding your account and use of our Services as is necessary in the context of corporate acquisitions, mergers, or other corporate transactions. You have the option of closing your account if you do not wish to have your personal information processed for such purposes.

EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.

• To engage in marketing activities

Based on your communication preferences, we may send you marketing communications to inform you about our events or our partner events; to deliver targeted marketing; and to provide you with promotional offers based on your communication preferences. We use information about your usage of our Services and your contact information to provide marketing communications. You can opt-out of our marketing communications at any time.

EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy on your consent.

We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission. From time to time we may request your permission to allow us to share your personal information with third parties. You may opt out of having your personal information shared with third parties, or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorisation. If you choose to so limit the use of your personal information, certain features or Verovian Agency services may not be available to you

5. Collection, Processing, Keeping, Use and Disclosure of personal data:

To comply with the data protection principles set our in Section II of the Data Protection Acts, The Company will ensure the data we hold fulfil these criteria:

Obtain and process information fairly: The Company will obtain and process personal data fairly in accordance with the fulfilment of its functions and legal obligations

- Keep it only for one or more specified, explicit and lawful purposes: The Company will keep data for purposes that are specific, lawful and clearly stated and the data will only be processed in a manner compatible with these purposes.

- Use and disclose it only in ways compatible with these purposes: The Company will only use and disclose personal data in ways that are necessary for the purpose/s or compatible with the purpose/s for which it collects and keeps the data.

- Keep it safe and secure: The Company will take appropriate security measures to prevent unauthorised access to, or alteration, disclosure or destruction of the data and against their accidental loss or destruction.

• The Company acknowledges that high standards of security are essential for processing all personal information and in this regard confirms that a hard copy of material relating to employment  file will be kept in a locked up office. We enforce physical access controls to our buildings and files, and we authorise access to personal information only for those employees who require it to fulfil their job responsibilities.
• We use computer safeguards such as firewalls and data encryption 

- Keep it accurate, complete and up-to-date: The Company has procedures that are adequate to ensure high levels of data accuracy and completeness and to ensure that personal data is kept up to date.

- Ensure that it is adequate, relevant and not excessive: Personal data held by the Company will be adequate, relevant and not excessive in relation to the purpose/s for which they are kept.

- Retain it for no longer than is necessary for the purpose or purposes: The Company will have a defined policy on retention periods for personal data and appropriate procedures in place to implement such a policy. For compliance purposes, this will be 5 years.

- Give a copy of his/her personal data to an individual, on request: The Company will have procedures in place to ensure that data subjects can exercise their rights under the data protection legislation.

We cannot guarantee that loss, misuse, unauthorised acquisition, or alteration of your data will not occur. Please recognise that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorised access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy.

6. Data Access Requests:

Data access request must meet certain criteria as specified in the Data Protection Acts: 

1. It must be in writing

2. It must include a reasonable level of appropriate information to help us to locate the information required

3. The Company will make reasonable enquiries to satisfy ourselves about the identity of the person making the request to ensure we are not disclosing Personal Data to a party who is not entitled to it.

Data access Requests will be complied to within 40 days of receipt of the request. Where reasonable, additional information may be required to substantiate the request as described in (2) and (3), the time frame for responding runs from receipt of the additional information.

7. Information which will not be provided

The Company will not normally disclose the following types of information in response to a Data Access Request:

1. Information about other People: A Data Access Request may cover information which relates to one or more people other than the Data Subject. The information about the other person may be Personal Data about that person, to which the usual data protection rules under the Data Protection Acts, including the restrictions on disclosure, apply. In such circumstances we will not grant access to the information in question unless either:
   • the other person has consented to the disclosure of their data to the Data Subject or;
   • in all the circumstances it is reasonable to make the disclosure without that person’s consent. If the person’s consent is not forthcoming and it is not reasonable to make the disclosure without consent, we will make available as much Personal Data as we can without revealing the identity of the other person (for example by excluding the person’s name and/or other identifying particulars).
2. Opinions given in Confidence: Where we hold Personal Data about the Data Subject in the form of an opinion given in confidence we are not required to disclose such opinions in response a Data Access Request in all cases.
3. Repeat Requests: The Data Protection Acts provide an exception for repeat requests where an identical or similar request has been complied in relation to the same Data Subject within a reasonable prior period. The Company will consider that if a further request is made within a period of twelve months of the original request and where there has been no significant change in the personal data held in relation to the individual, it will be treated as a repeat request. Accordingly, where Personal Data has recently been provided to the Data Subject or his/her legal representative, the Company will not normally provide a further copy of the same data in response to a Data Access Request. The Company will not consider that it is obliged to provide copies of documents that are in the public domain.
4. Privileged Documents: Where a claim of privilege could be maintained in proceedings in a court in relation to communications between an individual and his or her professional legal advisers (or between those advisers) any privileged information which we hold need not be disclosed pursuant to a Data Access Request.
5. to protect our rights and properties; and
6. Where the request is frivolous or vexatious.

Where the Company refuses a Data Access Request, it will do so in writing and will set out the reasons for refusal. Any person who is dissatisfied with the response of the Company to their request has the right to make a complaint to the Data Protection officer on [email protected]

8. Exception to right of data access:

Section 5 of the Data Protection Acts depicts that individuals do not have access to see the information relating to them where any of the following circumstances apply:

1. If the information is kept for the purpose of preventing, detecting or investigating offences, apprehending or prosecuting offenders, or assessing/collecting any taxes or duties; but only in cases where allowing the right of access would likely to impede any such activities;

2. Granting the right of access would be likely to impair the security or the maintenance of good order in a prison or other place of detention;

3. If the information is kept for certain anti-fraud functions; but only in cases where allowing the right of access would be likely to impede any such functions;

4. If granting the right of access would be likely to harm the international relations of the State;

5. If the information concerns an estimate of damages or compensation in respect of a claim against the organisation, where granting the right of access would be likely to harm the interests of the organisation

9. Method of response communication:

The Data Protection Acts provide a right of access to a permanent copy of the Personal Data that is held about the Data Subject unless this is not possible or would involve disproportionate effort.

This information must be communicated to the Data Subject in an intelligible form. This will usually mean that a photocopy or printout of the Personal Data be provided to the Data Subject. However, depending on the consent obtained from the Data subject, information can be provided in an electronic format such as email or disk

10. Rectification or Erasure:

You have the right to request erasure of your personal information that:

(a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed;

(b) was collected in relation to processing that you previously consented, but later withdraw such consent; or

(c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing.

The above is subject to limitations by relevant data protection laws. If a data subject seeks to have any or his or her Personal Data rectified or erased, this will be done within 40 days of the request being made, provided there is a reasonable evidence in support of the need for the erasure or rectification