Privacy Policy - ExceedOutSourcing

Exceed Privacy Policy

This policy was last updated on 01 September 2019

Exceed Means all companies within the Exceed Group. This includes Exceed Outsourcing Limited, Exceed Umbrella Limited and Exceed Business Services Limited.

Registered office address, Office 2, Second Floor, Parsonage Chambers, 3 Parsonage, Manchester, M3 2HW is committed to keeping your information private. By ‘your information’ we mean any information about you that you or third parties provide to us. Exceed has created this privacy policy (“Privacy Policy”) to inform you of our privacy practices and terms and conditions under which data we collect from you will be used, shared and otherwise treated and protect the personal information we may gather from and about our customers via our website or other communication media available. By using our websites, enquiry, applications forms or other communication media available, you consent to the collection, use and disclosure of your information, as described in this Privacy Policy.

For the avoidance of doubt our website includes our Home Page, www.exceedoutsourcing.co.uk and Portal,

This Privacy Policy will also instruct you on how you can verify the accuracy, and control certain uses, of the information you provide to us. In addition by accessing the Exceed site and providing personally identifiable/personal data about yourself (“Personal Information”), you agree to be bound by the Privacy Policy.

This Privacy Policy may be updated from time to time. Accordingly, you should check the date last edited and review any changes since the last revision.

Exceed privacy principles

Exceed is committed to safeguarding the privacy of your information. By ‘your information’ we mean any information about you that you or third parties provide to us.

We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so
We will be transparent in our dealings with you and will tell you about how we will collect and use your information
If we have collected your information for a particular purpose, we will not use it for anything else unless you have been informed and, where relevant, your permission obtained
We will not ask for more information than we need for the purposes for which we are collecting it
We will update our records when you inform us that your details have changed
We will continue to review and assess the quality of our information
We will implement and adhere to information retention policies relating to your information, and will ensure that your information is securely disposed of at the end of the appropriate retention period
We will observe the rights granted to you under applicable privacy and data protection laws, and will ensure that queries relating to privacy issues are promptly and transparently dealt with
We will train our staff on their privacy obligations
We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held
We will ensure that when we outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with these Privacy Principles
We will ensure that suitable safeguards are in place before personal information is transferred to other countries

If you have questions or complaints regarding our privacy policy or practices, send a request to us using one of the methods described in “Contact Us” section. We will respond to you within a reasonable period of time unless otherwise required by law. If you are not satisfied with our response you can contact the Information Commissioner by visiting https://ico.org.uk.

Collection of personal data

Website users can access our Home Page and browse without disclosing any personal data. During the course of any visit to our site, the pages you see, along with something called a cookie, are downloaded to your computer. Most, if not all, websites do this, because cookies allow the website publisher to do useful things like find out whether the computer (and probably its user) has visited the site before. This is done on a repeat visit by checking to see, and finding, the cookie left there on the last visit.

Any information that is supplied by cookies can help us to provide you with a better service and assists us to analyse the profile of our visitors. For example: if on a previous visit you went to, the about us page, then we might find this out from your cookie and highlight about us information on a second visit.

Aggregate information is passively collected by Exceed to monitor the use of our website. This does not contain any personal data nor is it linked to personally identifiable information.

Any personal data gathered is volunteered by the data subjects if they submit a card application form for visa prepaid personal card, to receive any other type of incentive(s) or in connection with a lead or referral to supply information regarding the products or services we offer when requesting information regarding our products and services.

Any personal data gathered is volunteered, when you are asked to provide personal information, you may decline. If you choose not to provide the information, you may not be able to use the products or services we offer.

The types of information we collect

You may provide us with certain information in connection with a product or service we offer, or in your interactions with our websites. Any personal data gathered via the website is volunteered by visitors to the public or interactive areas of our website. Exceed receives personal data about our website visitors if they, submit an enquiry or application form online.

Any personal data gathered is volunteered by the public via telephone, email, post or fax enquiries, live support or any via 3^rd party channels such as website hosted advertisements lead generations and employment agency referrals.

Personal data about the customers of Exceed is received if they, or their representatives, provide such information within the interactive areas, or any other method of communication open to them.

When you are asked to provide personal information, you may decline. If you choose not to provide the information, you may not be able to use the products or services we offer.

Where you provide information about others (for example ‘referring a friend’) you must ensure that you have their consent or are otherwise entitled to provide this information to us The personal information that we may collect includes:

For consultations: Contact information (such as status, name, telephone number and email address)

For referrals: Contact information (such as name, gender, telephone number and email address), identity information (nationality, national insurance number), contract information (such as end client, job title, start date, end date, PAYE rate and limited rate), agency information (such as agency name, consultant name, contact number, and email).

For enquires: Contact information (such as name, address, telephone number and email address), identity information (such as date of birth, nationality, national insurance number), invoicing information (such contractual rate, assignment details and agency details).

For applications/sign up: Contact information (such as name, address, telephone number and email address), identity information (such as date of birth, nationality, national insurance number, and know your Customer details), Supervision, Direction or Control Questionnaire,

For employment: Employment information (such as start date, employment income, expenses details, payment details, bank details, tax code, student loan, pension details, and entitlement to work) and invoicing information (such as hours worked, contractual rate, assignment details and agency details),

For sub-contracting Sole Trader Information (such as start date, trading name, Unique Tax Reference, CIS Status and verification number, income, payment details, bank details and invoicing information (such as hours worked, contractual rate, assignment details and agency details),

Personal data about agency/end client current, past or prospective employees Customer Information (such as personal data about its current, past or prospective agency or end client employees name, address, employer, telephone number, date of birth, gender, nationality NI Number, town and country of birth and value of incentive(s))

General Correspondence (emails, letters, employment income, complaints, telephone conversations (see telephone calls), other correspondence from government institutions, recruitment agency(s), end client(s)).

For marketing, competition, promotion, advertising activities, research and development: Marketing Information (such as name, address, telephone number, email address and IP address)

Sensitive Data relates to health (including information about disabilities, and doctors details), to enable processing of statutory pay,for example sick pay.

Use and disclosure of personal data

Personal data received by Exceed is used only for the following purposes:

Provide information about our products and services and/or communicate relevant information about the current product and services as necessary
To administer your account and to provide the product and services you have requested from us
To enforce compliance, or contractual obligations of Exceed or your employing company.
To participate in and contribute to this database, as a condition of our Professional Passport Approved Provider status.
To comply with any legal requirements
Where you have provided consent Exceed may store, process and use your Personal Information for marketing, promotion, advertising activities, research and development. If you would like to opt-out of receiving marketing, promotion, advertising activities, research and development from Exceed, please refer to “Opting Out” Section.
Where you have provided consent Exceed also reserves the right to share, transfer or otherwise disclose your Personal Information with trusted third parties that we believe may be able to provide you with valuable offers. If you would rather us not to share your Personal Information with any third party for their’ direct marketing purposes, let us know by following the “DO NOT SHARE” section.
To transfer your information in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website
To prosecute and defend a court, arbitration, or similar legal proceeding.
To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
When we believe it is appropriate to do so to protect the rights, property, or safety of our company or other persons.

Personally identifiable information collected by Exceed is not used for purposes unrelated to the purpose for which the information was originally collected.

You may at any time tell us you:

would like to review, update your Personal Information from Exceed’s Database, please refer to the “Reviewing or Updating Your Personal Information” Section;
would like to remove your Personal Information from Exceed’s Database, please refer to “The right to be forgotten” Section.
would like to opt-out of receiving marketing emails or postal mail from Exceed, please refer to “Opting Out” of Receiving Information from Exceed” Section;
no longer want Exceed to share your Personal Information with third parties for such third parties own direct marketing purposes, please refer to “Do Not Share” section.

Exceed will seek written consent from data subjects prior to using their personal data in a manner which is different to that stated in our Privacy Policy when their data was received.

Telephone calls

Telephone calls may be recorded or monitored for training, security and quality management purposes.

Recording customer conversations allows organisations to assess customer satisfaction, train and develop staff, review call quality, and have access to a verbal record of what is said in the event of a subsequent complaint.

How will call recordings be used?

Quality Monitoring – Written records only provide partial information. A call recording provides a more rounded view and allows us to better understand customer experience and assess the processes applied. This can help us identify any improvement areas.

Training and Development – Listening to a sample number of calls, allows managers to identify training needs.

Gaining a better understanding of our customers – Many calls are verbally resolved without the need to complete any records. Listening to sample calls will help us better understand our customer needs.

Complaints and disputes – Some calls are verbally resolved. Where information is entered onto an electronic system this becomes the established record. In the event of a complaint or dispute, a call recording (if available), may provide additional information to help us investigate any allegations.

All recording will be kept in accordance with the Data Protection Act. You can request a copy of your conversation using one of the methods described in the “Contact Us” section.

Security and integrity of personal data

Exceed endeavours to protect the data transmitted from its website from unauthorised access or disclosure; to maintain data accuracy and completeness; and to ensure the appropriate use of information.

Security measures – including firewalls, encryption and intrusion detection technology, back up procedures, external audits and encryption – are employed by Exceed to reduce vulnerabilities to security and privacy threats. Unique passwords and usernames are also required to log into the restricted interactive areas of our website.

Some personal data is held and processed by our Internet Service Provider. Such data is only held and processed for and on behalf of Exceed and under our instruction.

All members of staff are subject to strict confidentiality clauses in their contracts of employment. Access to personal or sensitive data is restricted to authorised employees.

Nonetheless, due to the inherent nature of the Internet, Exceed cannot guarantee the privacy of any information provided online and is not responsible for any breach of security.

Links on our websites

The website of Exceed does not enable visitors to communicate with other visitors or to post information to be accessed by others.

Our website does not contain links to third party ad servers or allow them to place tracking devices on our website.

Our website may contain links to third party websites for users’ convenience and information. If a visitor clicks on these links they will move to another website. Exceed is not responsible for the data policies or procedures, or the content of third party websites linked to our website.

What is a cookie?

When you enter a site your computer will automatically be issued with a cookie. Cookies are text files that identify your computer to our server. Cookies in themselves do not identify the individual user, just the computer used. Many sites do this whenever a user visits their site in order to track traffic flows.

Cookies themselves only record those areas of the site that have been visited by the computer in question, and for how long. Users have the opportunity to set their computers to accept all cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these, of course, means that certain personalised services cannot then be provided to that user.

For more information, please see our cookies page.

Access to personally identifiable information

Under applicable Data Protection Laws, data subjects may have the right to access the personal data held by Exceed in relation to them and to request that inaccuracies be amended or updated.

Individuals who wish to exercise such rights should contact Exceed. Any requests to access or amend personally identifiable information will be subject to rigorous ‘Know Your Client’ procedures.

These rights are known as Subject Access Request and must be made to Exceed in writing, detailing the information that you require; please refer to contact details section.

Reviewing or updating your personal information

At the start of your relationship with Exceed you will be provided with a unique Portal login name and password. The area provides you access to your Personal Information, which you can review amend or update at any time. Any Personal Information changes may be verified by a member of the Exceed team as and when required. If you are unable to gain access to the Portal for whatever reason please contact the Client Queries team on 0800 612 8787. Alternatively you can request any changes in writing to Exceed, Data Protection Office 2, Second Floor, Parsonage Chambers, 3 Parsonage, Manchester, M3 2HW.

Right to be forgotten

If you would like to remove your Personal Information from our database please contact please using the “Contact Us” details below. Please note that your Personal Information is required to be kept by law for 7 years following end of relationship. For the avoidance of doubt relationship ends on archive date.

Right to data portability

You can request your Personal Data that you have provided to be transferred to another data controller by providing the data controllers details by contacting us through one of the methods described in our “Contact Us” section.

Please note that such requests may take up to one (1) month. Exceed will provide the personal data in a structured, commonly used and machine readable form, such as csv and will transfer using a secure method.

Transfers Overseas

Personal Data that you have provided will not be transferred overseas, third country, without your consent unless the third country has equivalent legislation to protect your data. For the avoidance of doubt your data is stored, and processed in the Isle of Man and UK.

Opting-out

If you prefer not to receive marketing materials from Exceed, you can either:

Unsubscribe from all Exceed marketing materials by contacting us through one of the methods described in our Contact Us section;
Unsubscribe from a particular Exceed marketing material by clicking the unsubscribe link relevant to that material.
Update your Privacy Agreement via the client Portal

Please note this does not include receiving information regarding the product and services that you signed up to receive.

Please note that such requests may take up to one (1) month to become effective.

Do not share

If you do not wish to have Personal Information collected by Exceed shared with third party organisations for their own direct marketing or promotional purposes, you can have your name place on a “do not share” by sending a request to us using one of the methods described in “Contact Us” section.

If we have not received your “do not share” request after having shared, transferred or otherwise disclosed your Personal Information, Exceed may not have any ability to control the use of such data by such third party (and we undertake no obligation to do so), so you agree that Exceed will have no responsibility or liability whatsoever as a result of the use of such data by such third party.

Please note that do not share will only restrict the transfer, sale, assignment or otherwise disposal of Personal Information to third parties that are not required to undertake our duties of performing the administration services in relation to your employment. For the avoidance of doubt this means that personal information will still be shared and used to comply with any relevant contractual, legislation and regulatory requirements. This includes to statutory bodies, recruitment companies, agencies and end clients, electronic identification checking services, and other such entities and services to enable us to perform our administration of your employment.