Â
Introduction Efficient Security Solutions (hereinafter referred to as “the Company”) is committed to protecting the privacy and personal data of its employees. This policy outlines our compliance with the General Data Protection Regulation (GDPR) and explains how we collect, process, store, and delete personal data.
Scope This policy applies to all personal data processed by the Company regarding its employees, including but not limited to addresses, work history, identification photos, bank statements, and other personally identifiable information (PII).
Principles Efficient Security Solutions adheres to the following GDPR principles:
Lawfulness, fairness, and transparency: Personal data is processed lawfully, fairly, and transparently.
Purpose limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
Data minimisation: Only data that is necessary for the purposes outlined is collected.
Accuracy: Reasonable steps are taken to ensure that personal data is accurate and kept up to date.
Storage limitation: Data is retained only for as long as necessary, with a maximum storage period of 7 days.
Integrity and confidentiality: Personal data is processed securely to prevent unauthorised access, accidental loss, destruction, or damage.
Collection of Personal Data The Company collects personal data only when necessary to manage employment relationships. Data may include:
Name and address
Work history
Identification photos
Bank statements
Other relevant personal information
Use of Personal Data Personal data is processed to fulfil contractual obligations, comply with legal requirements, or pursue legitimate interests essential to our operations. We ensure that the use of data is proportionate and necessary for its intended purpose.
Retention and Deletion Efficient Security Solutions retains personal data only for the duration required to achieve the processing purpose, up to a maximum of 7 days. Any data not processed or required by the 6th day will still be deleted on the 7th day. After this period, all personal data is securely deleted using industry-standard methods to ensure its complete removal.
Data Security The Company implements robust technical and organisational measures to protect personal data. These measures include:
Encryption of sensitive information
Secure storage systems
Regular audits of data security practices
Access control to limit data access to authorised personnel only
Rights of Employees Under GDPR, employees have the following rights regarding their personal data:
Right to access: Employees can request access to their personal data.
Right to rectification: Employees can request corrections to inaccurate or incomplete data.
Right to erasure: Employees can request the deletion of their data, subject to our retention policy.
Right to restrict processing: Employees can request that their data processing is restricted.
Right to data portability: Employees can request a copy of their data in a portable format.
Right to object: Employees can object to the processing of their data.
Rights related to automated decision-making: The Company does not use automated decision-making processes.
Contact and Complaints For any inquiries, concerns, or complaints about this policy or how your data is handled, please contact:
Efficient Security Solutions [Insert Address] [Insert Email Address] [Insert Phone Number]
If you believe your data protection rights have been violated, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the United Kingdom.
Policy Updates This GDPR policy is reviewed periodically to ensure ongoing compliance with data protection laws. Updates will be published on our internal communication channels or communicated to employees directly.
Effective Date: [Insert Date]