Cookies are small files that are sent to your computer or mobile device when you visit our website.
The cookies we use record details about your visit to our website and enable you to save any unsent data in any form submissions, but they do not identify you. We like to keep track of which information and links are popular and which ones don't get used so much, to help us keep our information relevant, up to date and to help us improve the website. To do this we use analytics cookies which gather information showing the overall patterns of usage rather than individual’s activity.
Your internet browser should allow you to control which cookies you accept, clear them individually, or clear all of them. The website aboutcookies.org gives advice on how to do this in a wide variety of desktop browsers.
If you choose to disable cookies you may find you are not able to access all the content of our website, or that some functions do not operate fully or as intended.
Sessions Coolkies on our website are used to make it easier for you to use our website as webpages have no memories. A user going from page to page will be treated by the website as a completely new visitor. Session cookies enable the website you are visiting to keep track of your movement from page to page so you don't get asked for the same information you've already given to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit. They do not store personal information and are delete when you leave the website.
(Data Protection and GDPR)
Your rights to your personal data stored by Amberpay Limited (“Amberpay”).
Information about how we use your personal information
Access to your personal information
You can ask us to confirm whether we are processing any of your personal information and, with some legal exceptions, you have the right of access to any of your personal information we hold.
If you ask for access to your personal information it will be provided free of charge within one month of Amberpay receiving your request. If the request is complex or you submit numerous requests we can extend the time taken to provide the information by up to two further months, but we will always inform you of this within a month of receiving your request. We may need to ask you to provide confirmation of your identity or to provide additional details to help us locate your information.
Corrections to your personal information
If you think the personal information we have is inaccurate you have the right to ask us to correct it and we will do so without undue delay. You can also ask us to record additional information if you think the information we hold is incomplete and this can include the submission of a supplementary statement.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please be sure to keep us informed if your personal information changes during your time contracting with us.
Erasure of personal information
You have the right to ask Amberpay to delete all the personal information, but in some circumstances this will not be possible. If we need the information because we are still providing you with services, or because we have a legal or regulatory obligation to keep it for a specified length of time, we will not be able to delete it immediately. We will always delete your contact details from our marketing lists if you unsubscribe or ask not to receive any more marketing messages.
Restriction of processing
In some circumstances you have the right to ask us to restrict processing of your personal information for a period of time. If processing is restricted we will continue to store your personal information but will not carry out any other processing unless you request it or we are required to in order to establish, exercise or defend a legal claim and we will inform you before the restriction to processing is lifted.
In some circumstances, and where it is technically feasible, you have the right to have your personal information transferred to you or to another service provider in a structured, commonly used and machine readable format.
Objection to processing
You have the right to object to any processing that is carried out in Amberpay’s legitimate interests, or to your personal information being used for direct marketing.
Automated decision making
You have the right not to have decisions made about you based solely on automated processing if those decisions will result in a legal or similarly significant effect. If such decisions are made by Amberpay you can ask for them to be reviewed by one of our employees who will take into account your views. Amberpay does not currently utilise automated decision-making processes or software.
If you would like to exercise any of the rights listed above please contact the Amberpay Data Protection team.
PRIVACY NOTICE FOR CONTRACTORS (GDPR)
Data controller: Amberpay Limited
Limited Company registered in The Isle of Man under company number 1559V.
Registered and Postal address: Court Row Chambers, Court Row, Ramsey, Isle of Man, IM8 1JS, British Isles.
VAT number: 003 0816 32.
Telephone number: 01624 815189.
Amberpay Limited is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you.
Amberpay Limited “The Company” collects, stores and processes personal data relating to its Contractors in order to manage and service the contractual relationship. This privacy notice sets down how the Company collects and uses personal information about you during and after your working relationship with us.
This privacy notice applies to current and former workers and contractors. This notice does not form part of a contract of employment or any contract to provide services and may be updated at any time.
The Company is committed to protecting the privacy and security of your personal information. The Company is committed to being clear and transparent about how it collects and uses that data and to meeting its data protection obligations.
1. Data Protection Principles
The Company will comply with data protection law. This means that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way;
- Collected only for valid purposes that we have explained to you clearly and not used in any way that is incompatible with these purposes;
- Relevant to the purposes we have told you about and limited to those purposes only;
- Accurate and kept up to date;
- Kept only for such time as is necessary for the purposes we have told you about; and
- Kept securely.
2. What Information Does The Company Collect And Process?
The Company collects and processes a range of personal information (personal data) about you. Personal data means any information about an individual from which the person can be identified. This includes:
- Personal contact details, such as your name, title, address and contact details, including email address and telephone number;
- date of birth;
- the terms and conditions of your contract;
- details of your qualifications, skills, experience and employment history, including start and end dates, with previous employers and with the Company;
- information about your remuneration, including entitlement to benefits such as pensions;
- details of your bank account, tax status and national insurance number;
- information about your marital status, next of kin, dependants and emergency contacts;
- information about your nationality and entitlement to work in the UK;
- copy of driving licence and or other forms of ID;
- details of periods of absence taken by you, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave (if advised by you);
- details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence;
- assessments of your performance, including appraisals, training you have participated in, performance improvement plans and related correspondence;
- CCTV footage and other information obtained through electronic means e.g. swipe card records.
We may also collect, store and use the following special categories of more sensitive personal information:
- information about medical or health conditions, including whether or not you have a disability for which the Company needs to make reasonable adjustments;
- details of trade union membership (if you have advised us);
- information about your criminal record; and
- equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief.
The Company collects this information in a variety of ways. For example, data is collected through the application and recruitment process and during work-related activities throughout the period of contracting with us.
In some cases, the Company collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers, information from credit reference agencies and information from criminal records checks permitted by law.
Data is stored in a range of different places, including in your personnel file, in the Company's HR systems and in other IT systems (including the Company's email system).
3. Why Does The Company Process Personal Data?
The Company needs to process data to enter into a contract with you and to meet its obligations under that contract.
In addition, the Company needs to process data to ensure that we are complying with our legal obligations, for example, we are required to check a contractor’s entitlement to work in the UK. For certain positions, it is necessary to carry out criminal records checks to ensure that individuals are permitted to undertake a particular role.
In other cases, the Company has a legitimate interest in processing personal data before, during and after the end of the contractual relationship.
4. Situations In Which We Will Use Your Personal Information
Situations in which we will process your personal information are listed below:
In order to:
- make decisions about recruitment and deployment processes;
- maintain accurate and up-to-date contractor records and contact details (including details of whom to contact in the event of an emergency), and records of contractual and statutory rights;
- check you are legally entitled to work in the UK;
- gather evidence for, and keep a record of, disciplinary and grievance processes, to ensure acceptable conduct within the workplace;
- pay you and make deductions for tax and National Insurance where appropriate;
- operate and keep a record of contractor performance and related processes;
- keep records of training and development requirements;
- operate and keep a record of absence and absence management procedures, to allow effective workforce management and ensure that employees are receiving the pay to which they are entitled;
- ascertain your fitness to undertake your contracted assignments;
- operate and keep a record of other types of leave, to allow effective workforce management;
- ensure effective general HR and business administration;
- provide references on request for current or former contractors;
- deal with legal disputes involving you or other workers and contractors; and
- facilitate equal opportunities monitoring in the workplace.
5. If You fail to Provide Personal Information
If you do not prove certain information when requested, the Company may not be able to perform the contract we have entered into with you, such as paying you or providing a benefit. You may also have to provide the Company with data in order to exercise statutory rights.
6. Change of Purpose
The Company will only use your personal information for the purpose for which it was collected unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will advise you of this and explain the legal basis which allows us to do so.
You should be aware that we may process your personal information without your knowledge or consent where this is required or permitted by law.
7. How We Use Sensitive Personal Information
Some special categories of personal data, such as information about health or medical conditions, is processed to carry out employment law obligations (for example, in relation to contractors with disabilities and for health and safety purposes).
8. Information About Criminal Convictions
We envisage that we will hold information about criminal convictions.
We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so.
9. Automated Decision-Making
We do not utilise any automated decision-making processes or software.
10. For How Long Do You Keep Data?
The Company will only hold your personal data for as long as is necessary to fulfil the purposes we collected it for, including any legal, accounting or reporting requirements. The periods for which your data is held after the end of your contract is 6 years, unless otherwise required by law or statute.
11. Who Has Access to Data?
Your information will be shared internally within the company.
The Company shares your data with third parties where required by law, where it is necessary in order to administer the working relationship with you or where we have another legitimate interest in doing so. Currently services are not carried out by third party service providers but there may be a requirement to do so at a future date. The Company may also share your data with other third parties, for example, in the context of a sale of some or all of its business. In those circumstances the data will be subject to confidentiality arrangements.
Your data may be transferred to countries outside the European Economic Area (EEA) and Isle of Man in order to process our contract with you, backup and or disaster recovery. Data is transferred outside the EEA on the basis of relevant safeguards such as any or all of the following: encryption, declaration of adequacy and binding corporate rules. If you require further information, it is available by contacting the Data Protection Office.
12. How Does The Company Protect Data?
The Company takes the security of your data seriously. The Company has internal policies and controls in place to prevent your data being lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Details of these measures are as follows: password protected and or encrypted systems and software.
When the Company engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
13. Your Duty to Inform Us of Changes
It is important that the personal information we hold about you is accurate and current. Please be sure to keep us informed if your personal information changes during your time working with us.
14. Your Rights
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request (known as a “data subject access request”);
- require the Company to change incorrect or incomplete data;
- request erasure of your personal information. This enables you to ask the Company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
- object to the processing of your data where the Company is relying on its legitimate interests as the legal ground for processing; and ask the Company to suspend the processing of your personal data for a period of time if data is inaccurate or there is a dispute about its accuracy or the reason for processing it.
If you would like to exercise any of these rights, or you have any questions about the privacy notice, please contact the Data Protection Officer or a member of administration team.