At RJS Management Services Ltd (t/a H-ELP Systems) we are committed to compliance with the Data Protection Laws and to ensure that the principles of data processing are followed, and as such data is:
- processed lawfully, fairly and in a transparent manner;
- only collected and used for lawful purpose;
- adequate, relevant and not excessive;
- accurate and where necessary kept up to date;
- kept for no longer than necessary;
- processed according to the rights of individuals;
- protected and secure from unlawful processing; theft, loss, cyber attacks etc,
RJS Management Services Ltd is registered with the Information Commissioner’s Office (ICO) reference: ZA118024
In the following document where reference is made to:
‘Company’, this refers to RJS Management Services Ltd (trading as H-ELP Systems)
‘Client’, this refers to those persons or organisations that use our professional services
‘Data Controller’, this refers to a person(s) who determine the purpose and manner in which persona data is processed
‘Data Processor’, this refers to any person who processes personal data on behalf of the data controller
Under Data Protection law the Client is the Controller of Client Data, RJS Management Services Ltd is the processor of Client Data and the Controller of other information.
These policies set out the basis by which we collect, use and disclose any personal data and the rights of individuals:
In choosing to use our services the Company will at times need to collect and process personal data, the legal basis will be for the performance of the contract with your organisation and in response to your instructions. As part of our service and for the performance of the contract with our Clients we will need to communicate with you and we will on occasions provide support and guidance information by way of newsletters, guidance notes etc., Communication will be by telephone or through email or the postal service.
We may at times need to share data with another company or individual for the performance of our contract with our Clients; this may include for example, a barrister or Occupational Health Specialist. However, we will not use or share personal information with anyone except where prior approval is obtained. Where we share data with another service provider we will conduct a due-diligence on that provider and they are under an obligation not to disclose or use the information for any other purpose.
Data will be retained by the Company for no longer than reasonably necessary, taking into account the legitimate business interests of RJS Management Services Ltd, and to comply with legal obligations, to resolve disputes and to provide evidence in the event of any claims by a data subject.
The Company is aware of the threats of data security and makes every effort to ensure that data held and processed is secure and that the risk of loss, misuse, unauthorised access or disclosure is limited. The Company has security procedures in place and these are regularly reviewed, this will include the Cyber Essentials Certificate. However, with technology and the communication of data through the internet, the Company cannot absolutely guarantee that information during transmission or storage is completely safe from intrusion by others, and in such situations the Company does not accept responsibility for any loss arising.
Where the Company engages in marketing, and other activities, not forming part of the performance of the contract with Clients, we will seek to obtain agreement using the legal basis of consent. To give consent you can go to our website and sign-up for updates and marketing information. Consent can be retracted at any time by going to our website and clicking on firstname.lastname@example.org .