At Prism Network we are committed to protecting the privacy of our employees, clients, suppliers, candidates and investors. We shall ensure that information submitted shall be used only for the purposes set out in this Privacy Notice.
1. The Information we gather, store and process
Prism Network shall collect personal details, including but not limited to names, contact details and any other relevant information. Where necessary, Prism Network may also request some sensitive personal information.
Information provided to Prism Network shall be processed and stored by us:
a. to match contractors’ skills and experience to assignments;
b. to enable us to pay contractors;
c. for procurement purposes;
d. to fulfil contractual and legal obligations with our employees, clients, suppliers, contractors and regulatory authorities.
2. Principles
In accordance with the Company's obligations under the GDPR, we require that personal data be:
· processed in a fair, lawful and transparently manner;
· collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes;
· adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
· accurate, and where necessary, up to date;
· held for no longer than necessary; and
· secure and protected against a personal data breach.
3. Legal Basis
Prism Network shall only processes personal data where it is necessary, and the Company has a valid lawful basis to do so. The lawful bases for processing that apply to personal data processed by the Company are set out below. You must ensure that at least one of these bases apply whenever the Company processes personal data:
a. Performance of Contract
the processing is necessary for a contract that the Company has with the employee, client, contractor or supplier, or because such person has asked the Company to undertake specific steps before entering into a contract with the Company.
b. Legal Obligation
the processing is necessary for the Company to comply with its legal or regulatory obligations.
c. Legitimate Interest
The processing is necessary to enable Prism Network personnel to carry out their job. Legitimate Interest must be a reasonable expectation’ or a ‘relevant and appropriate reason’ for processing of personal data (Rec. 47) and is assessed using the following criteria:
· What is the legitimate interest that you have to process the data?
· Can you show that processing the data is necessary in order to achieve what you need to do?
· Could processing the data affect the rights or freedoms of the person?
d. Consent
Prism Network ensure that the following checks are made once we have ascertained that consent is the most appropriate lawful basis for processing:
· We have made the request for consent prominent and separate from our terms and conditions;
· We ask people to positively opt in;
· We don’t use pre-ticked boxes or any other type of default consent;
· We use clear, plain language that is easy to understand;
· We specify why we want the data and what we’re going to do with it;
· We give separate distinct (‘granular’) options to consent separately to different purposes and types of processing;
· We name our organisation and any third party controllers who will be relying on the consent;
· We tell individuals they can withdraw their consent;
· We ensure that individuals can refuse to consent without detriment;
· We avoid making consent a precondition of a service.
4. Shared Data
Any shared information is freely given, specific, informed and unambiguous. Please note that this information must be used for the sole purpose in which this was intended. To ensure compliance with GDPR, Prism Network request that all shared information is deleted once it is no longer required for the original purpose.
If information is transferred, the information will only be shared with another organisation or third party such as payroll company, in a way that individuals would expect.
The Company shall not otherwise disclose personal data to third parties unless:
· the disclosure is to comply with the Company's legal or regulatory obligations; and
· an employee has acted adversely to the Company's interest and disclosure is required in order to protect Company interests.
5. Access Rights
Any individual who has their data processed by the Company has the following rights in relation to such processing:
a. The right to be informed about how the Company uses personal data and an individual's rights relating to such personal data. The Company is required to provide this information in a clear, transparent and easily understandable format
b. The right of access to the personal data which is processed and information about how it is being used.
c. The right to rectification if personal data is inaccurate or incomplete.
d. The right to erasure in certain circumstances where there is no reason for the Company to continue to process the data.
e. The right to restrict further processing of personal data.
f. The right to data portability of personal data between different service providers.
g. The right to object to certain types of processing, such as direct marketing.
h. The right not to be subject to decisions based solely on automated decision-making, including profiling.
Prism Network may limit or deny requests for access or charge reasonable fees for access, except as prohibited by applicable law.
The lawful basis for processing can also affect which rights are available to individuals.
Please note that such information is necessary for the performance of the services that Prism Network provide, and any request to withdraw consent for processing, object to processing or request erasure of your information may result in Prism Network being unable to continue providing its services to you.
6. Equal Opportunities
Prism Network is an equal opportunities employer and are committed to diversity. This means that all employees, clients, contractors and suppliers will receive equal treatment and will not be discriminated against on the grounds of gender, marital status, race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion or age.
7. How to contact Prism Network
If you require information on how to exercise your rights once you have contacted Prism Network or if you have any questions about this Privacy Notice, please contact us at:
Email: info@maxi-mizeqa.com
Tel: 07979 647691
Contact: Data Protection Representative
If we are unable to resolve your query, you can contact the Information Commissioner at https://ico.org.uk/concerns/
or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.
Prism Network reserves the right to modify this Privacy Notice at any time. Please regularly check this page to keep abreast of any changes.
Fraser Clark
Director
Date : 21.03.22