Unit 1A Advantage Park
Whitchurch Lane, Bristol, BS13 7TE
Mon-Fri
09:00 - 17:00
+44 1179 783568
enquiries@jhgroup-sw.com

JH Group GDPR

 GDPR Compliance Statement 

JH Group – General Data Protection Regulations (GDPR)

 

Introduction

The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.

The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardise data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal information.

Our Commitment

J H Plant Hire & Contracting Ltd are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and the UKs Data Protection Bill.

J H Plant Hire & Contracting Ltd are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.

How We are Preparing for the GDPR

J H Plant Hire & Contracting Ltd already have a consistent level of data protection and security across our organisation, however it is our aim to be fully compliant with the GDPR by 25th May

Our preparation includes: –

  • Information Audit – carrying out a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed.
  • Policies & Procedures – [revising/implementing new] data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including: –
    • Data Protection – our main policy and procedure document for data protection has been overhauled to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.
    • Data Retention & Erasure – we have updated our retention policy and schedule to ensure that we meet the ‘data minimisation’ and ‘storage limitation’ principles and that personal information is stored, archived and destroyed compliantly and ethically. We have dedicated erasure procedures in place to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes and notification responsibilities.
    • Data Breaches – our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time. Our procedures are robust and have been disseminated to all employees, making them aware of the reporting lines and steps to follow.
    • International Data Transfers & Third-Party Disclosures – where J H Plant Hire & Contracting Ltd stores or transfers personal information outside the EU, we have robust procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data. Our procedures include a continual review of the countries with sufficient adequacy decisions, as well as provisions for binding corporate rules; standard data protection clauses or approved codes of conduct for those countries without. We carry out strict due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.
    • Subject Access Request (SAR) – we have revised our SAR procedures to accommodate the revised 30-day timeframe for providing the requested information and for making this provision free of charge. Our new procedures detail how to verify the data subject, what steps to take for processing an access request, what exemptions apply and a suite of response templates to ensure that communications with data subjects are compliant, consistent and adequate.
  • Legal Basis for Processing – we are reviewing all processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our obligations under Article 30 of the GDPR and Schedule 1 of the Data Protection Bill are met.
  • Privacy Notice/Policy – we have revised our Privacy Notice(s) to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.
  • Obtaining Consent – we have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed stringent processes for recording consent, making sure that we can evidence an affirmative opt-in, along with time and date records; and an easy to see and access way to withdraw consent at any time.
  • Direct Marketing – we have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.
  • Data Protection Impact Assessments (DPIA) – where we process personal information that is considered high risk, involves large scale processing or includes special category/criminal conviction data; we have developed stringent procedures and assessment templates for carrying out impact assessments that comply fully with the GDPR’s Article 35 requirements. We have implemented documentation processes that record each assessment, allow us to rate the risk posed by the processing activity and implement mitigating measures to reduce the risk posed to the data subject(s).
  • Processor Agreements – where we use any third-party to process personal information on our behalf (e. Payroll, Recruitment, Hosting etc), we have drafted compliant Processor Agreements and due diligence procedures for ensuring that they (as well as we), meet and understand their/our GDPR obligations. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organisational measures in place and compliance with the GDPR.
  • Special Categories Datawhere we obtain and process any special category information, we do so in complete compliance with the Article 9 requirements and have high-level encryptions and protections on all such data. Special category data is only processed where necessary and is only processed where we have first identified the appropriate Article 9(2) basis or the Data Protection Bill Schedule 1 condition. Where we rely on consent for processing, this is explicit and is verified by a signature, with the right to modify or remove consent being clearly signposted.

Data Subject Rights

In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information via our website of an individual’s right to access any personal information that J H Plant Hire & Contracting Ltd processes about them and to request information about: –

  • What personal data we hold about them
  • The purposes of the processing
  • The categories of personal data concerned
  • The recipients to whom the personal data has/will be disclosed
  • How long we intend to store your personal data for
  • If we did not collect the data directly from them, information about the source
  • The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this
  • The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use
  • The right to lodge a complaint or seek judicial remedy and who to contact in such instances

Information Security & Technical and Organisational Measures

J H Plant Hire & Contracting Ltd takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures.

GDPR Roles and Employees

J H Plant Hire & Contracting Ltd have designated Kellie Badcock as our Data protection Officer responsible for promoting awareness of the GDPR across the organisation, assessing our GDPR readiness, identifying any gap areas and implementing the new policies, procedures and measures.

J H Plant Hire & Contracting Ltd understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans. We have implemented an employee training program specific to the which will be provided to all employees prior to May 25th, 2018, and forms part of our induction and annual training program.

 

If you have any questions about our preparation for the GDPR, please contact:

kellie (at) jhgroup-sw.com.

 

32 Responses

  1. Nice post. I learn something more challenging on different blogs everyday. It will always be stimulating to read content from other writers and practice a little something from their store. I?d prefer to use some with the content on my blog whether you don?t mind. Natually I?ll give you a link on your web blog. Thanks for sharing.

  2. Good – I should certainly pronounce, impressed with your website. I had no trouble navigating through all tabs as well as related information ended up being truly easy to do to access. I recently found what I hoped for before you know it at all. Quite unusual. Is likely to appreciate it for those who add forums or something, site theme . a tones way for your customer to communicate. Excellent task.

  3. You could certainly see your enthusiasm within the paintings you write. The sector hopes for even more passionate writers like you who are not afraid to say how they believe. At all times go after your heart.

  4. กดไลค์แฟนเพจ, กดไลค์, เพิ่มไลค์เพจ, เพิ่มไลค์คนไทย, จ้างปั้มไลค์, Like Fanpage, ไลค์แฟนเพจ, รับ Like Fanpage, ปั้มเพจ เหมาะสำหรับผู้ที่ต้องการยอดไลค์เพจเพจเยอะๆ, การเพิ่ม Like เป็นการเพิ่มโอกาสทางการขายสินค้าของคุณนั่นเอง ด้วยงานบริการเพิ่มไลค์แฟนเพจระดับมืออาชีพ ประสบการณ์การทำงานหลายปี, ปั้มไลค์เพจคนไทย, ปั่นไลค์, รับเพิ่มไลค์แฟนเพจเฟสบุ๊ค, เพิ่มไลค์แฟนเพจ ราคาถูก, ไลค์แฟนเพจเฟสบุ๊ค, กดไลค์รูป, ปั้มไลค์สถานะ, ปั้มยอดไลค์เป็นคนไทย 100, รับปั้มไลค์รูป, โกงไลค์, แฟนเพจพร้อมยอดไลค์, กด Like, รับสร้างแฟนเพจพร้อมยอดไลค์, ปั้มเพจ, รับทำเพจสินค้าพร้อมยอดไลค์, จ้างเพิ่มไลค์, Pump Like, Auto Like, ปั้มไลค์รูป, บริการปั้มไลค์แฟนเพจฟรี, ไลค์แฟนเพจได้สูงสุดหนึ่งล้านไลค์, ปั้มไลค์เพจ, Up Like Fanpage, รับจ้างปั้มไลค์, ไลค์เพจ, ปั้มโพสต์, รับทำเพจเฟสบุ๊ค, ปั้มไลค์ฟรี, รับทำไลค์แฟนเพจจำนวนมาก, บริการปั้มไลค์ฟรี, ปั้มไลค์รูปเฟส, เพิ่มไลค์เพจ ราคาถูก, ปั้มเพจเฟสบุ๊ค, บริการเพิ่ม Like ให้แฟนเพจของคุณ โดยทีมงานระดับมืออาชีพ ในระยะเวลาอันสั้นและราคาถูก รับประกันไลค์จากคนไทย 100, รับไลค์แฟนเพจ, รับเพิ่มไลค์, ปั้มรูป, ปั้มไลค์รูป Facebook, บริการเพิ่มไลค์แฟนเพจฟรี, เพิ่มไลค์, ปั้มไลค์เพจ Facebook, จ้างไลค์รูป, บริการเพิ่มไลค์เฟสบุ๊คให้แฟนเพจ, ซื้อไลค์แฟนเพจ, ปั้มไลค์เฟสบุ๊ค, รับเพิ่ม Like Fanpage Facebook ราคาพิเศษ เหมาะสำหรับผู้ที่ต้องการเพิ่ม Like Fanpage ให้ดูเป็นความน่าเชื่อถือของร้าน, รับไลค์ครบวงจรทั่วไทย, รับปั้มไลค์เพจ, ไลค์แฟนเพจราคาถูก, รับจ้างกดไลค์, จ้างไลค์, ปั้มไลค์ทั่วไป, จ้างกดไลค์, เพิ่มไลค์แฟนเพจ, เพิ่ม Like, เพิ่มไลค์ฟรี, ปั้มไลค์ราคาถูก, ปั้มไลค์เพจฟรี, ปั้มไลค์ ในโทรศัพท์, ปั้มไลค์, Add Like Fanpage, รับทำไลค์ครบวงจร, ปั้ม Like ฟรี, ปั้มไลค์ง่ายๆ, ปั้มไลค์ครบวงจร, ปั้มไลค์แฟนเพจ, ปั้มไลค์มือถือ, รับจ้างเพิ่มไลค์, ปั้มไลค์ Facebook, ไลค์คนไทย 100, รับเพิ่มไลค์แฟนเพจ เป็นการโปรโมทแฟนเพจ เพื่อเพิ่มยอดขายสินค้าได้

  5. The Juno B1 Cabin Suitcase glides on four precision-made Hinomoto wheels (a company which, according to obsedsive fliers,is a standard-bearer of quality caster-making). The thing iis extraordinarily light at 5.3 pounds (the Rimowa analogue tipsthe scales at 7.1), but feels shockingly sturdy; its speckled polypropylene shell is built to combat and conceal obvious(but inevitable) scratches. The suitcase also has a handy built-in lock, and indestructible hardcasing. But what I really love abouht it is how much I can fit.Despite its tiny dimensions, which always fit into an overhead,I’ve been able to cram in a week’s worth of clothes forra winter trip in Asia (thanks to clever folding), or enough forten summery days iin L.A. It’s really the clown car ofcarry-on luggage.

  6. It’ѕ ɑ pity yyou don’t haѵe a donate button! Ι’d certainly donate to this excellent blog!
    I guesѕ fⲟr now i’ll settle for book-marking and aⅾding your RSS feеd too my Google account.
    I look forward to fresh updates and will share this site with my Facebook group.
    Chat soon!

  7. I do agree with each of the ideas you have presented in the post. They are really convincing all of which certainly work. however, the posts are generally too short for newbies. Could you remember to extend them slightly from next time frame? Thanks for this post

  8. There are some attention-grabbing closing dates in this article but I don’t know if I see all of them heart to heart. There’s some validity but I’ll take maintain opinion till I look into it further. Good article , thanks and we want extra! Added to FeedBurner as effectively

  9. It’s a shame you don’t have a donate button! I’d definitely donate to this
    superb blog! I suppose for now i’ll settle for bookmarking and adding
    your RSS feed to my Google account. I look forward to new updates and
    will talk about this blog with my Facebook group. Talk soon!

  10. I would like to thank you for the efforts you’ve put in writing this website. I am hoping the same high-grade site post from you in the upcoming also. In fact your creative writing abilities has inspired me to get my own website now. Actually the blogging is spreading its wings rapidly. Your write up is a great example of it.

  11. We are really thankful towards the author in this post in making this lovely and informative article live here for us. We really appreciate ur effort. Keep up the great work. . . .

  12. Hi! I know this is somewhat off topic but I was wondering if you knew where I could get a captcha plugin for my comment
    form? I’m using the same blog platform as yours and
    I’m having trouble finding one? Thanks a lot!

  13. I’m very happy to read this. This is the type of manual that needs to be given and not the random misinformation that is at the other blogs. Appreciate your sharing this best doc.

  14. Hello there! I could have sworn I’ve visited this website before but after looking at some
    of the posts I realized it’s new to me. Anyhow, I’m definitely happy I came across it and I’ll be bookmarking
    it and checking back often!

  15. What i don’t understood is if truth be told how you’re no longer actually much
    more neatly-preferred than you may be now. You’re so intelligent.
    You understand thus considerably in relation to this topic, produced me in my view consider it
    from so many various angles. Its like women and men aren’t involved unless it is one thing to do with Girl gaga!
    Your individual stuffs nice. At all times deal with it up!

  16. Thanks for your personal marvelous posting! I actually enjoyed
    reading it, you’re a great author.I will make sure
    to bookmark your blog and may come back very soon. I
    want to encourage you to ultimately continue your
    great posts, have a nice morning!

  17. I think this is among the most vital info for me.
    And i’m glad reading your article. But should remark on some general things,
    The web site style is perfect, the articles is really excellent
    : D. Good job, cheers

  18. I am usually to blogging and i genuinely appreciate your site content. This content has really peaks my interest. I am going to bookmark your internet site and keep checking choosing info.

  19. Excellent pieces. Keep writing such kind of information on your page.
    Im really impressed by your site.
    Hi there, You’ve performed a fantastic job.
    I will definitely digg it and in my view suggest to my friends.
    I am sure they will be benefited from this web site.

  20. You really make it seem really easy along with your presentation however I
    to find this topic to be actually one thing which I believe I would never
    understand. It kind of feels too complicated and
    extremely large for me. I am taking a look forward in your subsequent submit, I’ll try
    to get the hold of it!

Leave a Reply