Enquire

Data protection policy

1. Introduction

AD Building Contractors is committed to ensuring the privacy and protection of all personal data that we collect and process. This Data Protection Policy outlines the technical and organisational measures we have in place to comply with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). We are committed to processing data in a lawful, fair, and transparent manner, ensuring that data subjects’ rights are upheld.

2. Scope

This policy applies to all personal data collected and processed by AD Building Contractors, including data related to our clients, subcontractors, and employees. It covers both digital and physical records and applies to all employees, subcontractors, and anyone acting on behalf of AD Building Contractors.

3. Data We Collect

AD Building Contractors collects and processes the following types of personal data:

  • Names, contact details (phone numbers, email addresses), and physical addresses of clients
  • Details of work and adaptations required for building projects
  • Contact details of the client’s occupational therapist, where relevant (e.g., if the client must make a financial contribution to the project)

4. Lawful Basis for Data Processing

We collect and process personal data based on the following lawful grounds:

  • Performance of a contract: Data is collected to ensure the successful completion of building projects, including Disabled Facility Grants (DFGs).
  • Legal obligation: Where applicable, data may be processed to meet regulatory and legal obligations.
  • Legitimate interest: We process personal data in the legitimate interest of delivering our services and maintaining our business relationships.

5. Data Collection and Use

We only collect the necessary personal data required to deliver our services effectively. Personal data is collected in a transparent manner, with individuals informed of:

  • What data is being collected
  • The purpose of data collection
  • How long the data will be retained
  • Who the data will be shared with (if applicable)

We do not collect or process personal data beyond what is needed for the completion of the contract.

6. Data Storage and Security

6.1 Digital Storage

  • Personal data stored digitally is kept on password-protected devices and systems, with restricted access granted only to authorised employees.
  • All digital data is protected by up-to-date antivirus software, firewalls, and encryption tools, ensuring it is safe from unauthorised access and cyber threats.

6.2 Physical Storage

  • In instances where physical copies of personal data are required, such as contracts or work records, these are securely stored in locked filing cabinets with restricted access.

6.3 Access Control

  • Access to personal data is limited to authorised employees and subcontractors. Subcontractors receive only the information relevant to their tasks and are instructed to follow this Data Protection Policy when handling personal data.

7. Data Retention

We retain personal data only for the duration of the contract and the necessary time needed to fulfil our legal and contractual obligations. Once the contract is complete, personal data is securely deleted or destroyed.

  • Digital data: Deleted from all devices, backups, and storage systems.
  • Physical data: Shredded and disposed of securely.

8. Data Sharing

Personal data is not shared with any third parties unless it is necessary for completing the contract or a legal requirement. Where data is shared with subcontractors, they receive only the data required for their specific tasks. Subcontractors are bound by our confidentiality agreements and this Data Protection Policy.

9. Data Subject Rights

Individuals have the following rights regarding their personal data:

  • Access: Individuals may request access to their personal data held by us.
  • Rectification: If any personal data is inaccurate or incomplete, individuals can request corrections.
  • Erasure: Individuals may request that their personal data be deleted, subject to certain conditions.
  • Restriction of processing: Individuals can request limits on how their data is processed.
  • Data portability: Individuals have the right to obtain and reuse their personal data for their own purposes.
  • Objection: Individuals may object to the processing of their data in certain circumstances.

Requests to exercise any of these rights should be directed to info@ad-buildingcontractors.co.uk.

10. Incident Response and Data Breach Procedure

Despite our best efforts to safeguard personal data, we recognise that data breaches may occur. In the event of a data breach, the following procedure is in place:

  1. Incident Identification: Any employee or subcontractor who suspects or identifies a data breach must immediately report it to the company director.
  2. Assessment and Containment: The breach is assessed to understand its extent and whether any personal data has been compromised. Immediate steps are taken to contain the breach, such as revoking access or isolating affected systems.
  3. Notification: If the breach involves personal data and poses a risk to individuals’ rights and freedoms, we will notify the affected individuals and the Information Commissioner’s Office (ICO) within 72 hours, as required by GDPR.
  4. Remedial Action: Following containment, we will investigate the root cause of the breach and take steps to prevent recurrence.
  5. Record Keeping: All breaches are logged and documented, including the nature of the breach, steps taken, and outcomes.

11. Confidentiality and Data Protection Training

All employees and subcontractors are required to maintain the confidentiality of personal data at all times. We ensure that they are aware of this policy and receive any necessary data protection training to fulfil their obligations.

12. Regular Policy Review

This Data Protection Policy is reviewed on an annual basis or when necessary to reflect changes in data protection law or business practices. Any updates will be communicated to all employees and subcontractors to ensure continued compliance.

Contact Information: For questions or concerns regarding this policy, please contact: info@ad-buildingcontractors.co.uk

At AD Building Contractors, we specialise in creating accessible living spaces across Devon.

Policies
Get In Touch
  • 07904 259 727
  • 01803 311 264
  • info@ad-buildingcontractors.co.uk

AD Building Contractors © All Rights Reserved. Website by Maven Creative