To protect our clients and third party service providers (contractors, sub-contractors, suppliers, local authorities, agents etc.) from breach of privacy or misuse of personal data in an increasingly data-driven environment. To ensure the Company’s compliance with the General Data Protection Regulations (GDPR) 2018.
- How the Company collects, stores and processes private data, as set out in the Data Inventory (available on request);
- The Company’s obligations under GDPR;
- Their obligations under GDPR.
Clients and third party service providers: available on the Company website or hard copy available on request.
Please refer to the Data Inventory (available on request; please e-mail email@example.com) for comprehensive details on:
- What personal data the Company holds;
- Why the Company holds it and how it is used;
- How and where the Company stores it and for how long;
- Who has access to the data.
Rock Townsend's Obligations under GDPR
Rock Townsend will collect and process personal data only if it falls within the six Lawful Bases for doing so, namely:
- Consent – data you have agreed to provide, i.e. photographs or CVs;
- Contract – data necessary for the Company to fulfil its duties under contract, i.e. Terms & Conditions, Appointment Documents;
- Legal Obligation - data necessary for the Company to fulfil its legal obligations, i.e. tax / payment details, fraud prevention, Health & Safety;
- Vital Interest – data required to protect life;
- Public Task – data necessary to perform a task in the public interest;
- Legitimate Interest – data necessary to carry out the business of the Company, i.e. policy documents / PI insurance.
Rock Townsend will collect, process, store and destroy your personal data as set out in the Data Inventory.
The Company will only collect data relevant to each individual contractual relationship; for example financial information will only be collected when a payment transaction is required.
We will not share your personal information to third parties unless we have your permission or are required to do so by law.
Your Obligations under GDPR
All personal data held by you relating to Rock Townsend, either collected verbally from staff, via e-mail, via marketing literature of from our website, must be held securely and not be shared with any third-parties, or used by you for any purpose other than that agreed within our contractual relationship, or unless you are required to do so by law.
If you believe the information we hold on you is incorrect or incomplete, please contact us at firstname.lastname@example.org.
You may request details of personal information which we hold about you under GDPR. If you would like a copy of the information held on you please write to Rock Townsend, The Old School, Exton Street, London, SE1 8UE.
This Notice has been endorsed by, and has the full support of, the Partners and the Management Team. The Notice was approved in May 2018, following consultation with senior managers and staff. Overall responsibility for the Notice lies with: Martin Howlett, Partner, Rock Townsend Architects LLP.
Date: 23rd May 2018