Privacy Policy

Introduction

Ingeni Group Limited ("the Company") is committed to protecting the personal data of its clients, employees, suppliers, and other stakeholders. This policy outlines how the Company collects, uses, stores, and protects personal data in compliance with the General Data Protection Regulation (GDPR) and relevant UK data protection laws.

Scope

This policy applies to all employees, contractors, and third-party service providers who process personal data on behalf of Ingeni Group Limited.

Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on personal data, such as collection, storage, use, or disposal.
  • Data Subject: The individual whose personal data is being processed.
  • Controller: The entity that determines the purposes and means of processing personal data.
  • Processor: The entity that processes data on behalf of the controller.

Data Collection and Use

Ingeni Group Limited may collect personal data for the following purposes:

  • Clients and Suppliers: To provide building services, process contracts, and maintain business relationships.
  • Employees: For HR management, payroll, and legal compliance.
  • Data Subject: The individual whose personal data is being processed.
  • Marketing: To inform clients and potential clients about services (with explicit consent).

Data collected may include:

  • Contact details (e.g., names, addresses, email, phone numbers).
  • Payment and financial information (e.g., bank details for invoicing).
  • Identification documents (e.g., passport or ID for compliance checks).

Lawful Basis for Processing

Ingeni Group Limited will only process personal data where a lawful basis applies, including:

  • Consent: When individuals provide explicit permission.
  • Contract: To fulfill contractual obligations.
  • Legal Obligation: To comply with laws and regulations.
  • Legitimate Interests: To support business operations in a way that does not unduly impact individuals' rights.

Data Storage and Retention

Personal data will be stored securely and only retained for as long as necessary for the purposes outlined in this policy. Data retention periods will align with legal and regulatory requirements specific to the building industry.

Data Security

Ingeni Group Limited implements robust security measures, including:

  • Physical security for office premises and servers.
  • Encryption of digital records.
  • Regular audits of data storage and access protocols.
  • Training for staff on data protection responsibilities.

Data Subject Rights

Individuals have the following rights regarding their personal data:

  • Access: To know what data is held about them.
  • Rectification: To request corrections to inaccurate data.
  • Erasure: To request deletion of their data ("right to be forgotten").
  • Restriction: To limit how their data is processed.
  • Portability: To receive their data in a transferable format.
  • Objection: To object to processing for specific purposes, such as direct marketing.

    • Requests should be submitted to the Data Protection Officer (DPO) using the contact details provided below.

Data Breaches

Ingeni Group Limited will promptly investigate and report any data breaches to the Information Commissioner’s Office (ICO) within 72 hours, if required, and notify affected individuals where necessary.

Third-Party Processors

The Company may engage third-party processors to handle personal data. All processors are contractually obligated to comply with GDPR requirements and ensure data security.

Contact Information

For questions or concerns about this policy or to exercise your rights, please contact:

Data Protection Officer

  • Ingeni Group Limited
  • Address: 4a Roman Road, East Ham London, E6 3RX
  • Email Address: info@ingenigroup.com

Policy Review

This policy will be reviewed annually or as necessary to reflect changes in legislation or business operations.

Effective Date: 15th March 2024