Contact us

Privacy Policy

 

1. Data Protection

 

1.1 This policy relates to the privacy and data protection practices which apply to Barker Associates and our website www.barker-associates.co.uk.

 

1.2 Our aim is to protect our clients, employees and website users’ privacy whilst providing a personalised and valuable service. Collecting personal information is necessary if we are to satisfy the expectations and requirements of our users, i.e. to communicate and to enable an interactive service. In this policy we explain what information we collect; what we do with it and what controls you have.

 

1.3 All information provided to us will be managed sensitively and distributed in accordance with agreed protocols. Any personal information provided to us is treated in accordance with the Data Protection Act, registration number ZA517283, General Data Protection Regulation (GDPR), Privacy and Electronic Communications Regulations (PECR) and our in-house Privacy GDPR Compliance Policy.

 

2. Personal Identification Information

 

2.1 Any personal information such as name, postal address, telephone number and email address given to us will only be used to provide a requested service in line with our contractual agreement, to respond to an enquiry and/or for marketing purposes where the individual has opted in. This will not be disclosed to any other third party without your prior permission unless we are required to do so by law.

 

2.2 Any non-personal information gathered via our website, such as IP address, pages accessed, and files downloaded, will only be used to determine how many individuals use our site, how many people visit on a regular basis, which pages are most popular, and which pages are least popular. This information doesn’t tell us anything about who you are or where you live; it is simply used to enable us to monitor and improve our service. Details can be found in our Cookie Policy.

 

3. Statutory Audit Disclosure Clause

 

3.1 The Company may be required to disclose certain personal data of employees to external statutory auditors for the purpose of auditing the Company’s financial accounts and operational practices, in compliance with applicable laws and regulations.

 

3.2 Such disclosures will be limited to what is necessary for the audit and will be carried out in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

3.3 The statutory auditors act as independent data controllers and are bound by strict professional confidentiality and data protection obligations. If employee personal data is shared with auditors, it is solely for compliance-related purposes, such as verifying adherence to financial or regulatory standards.

 

4. How We Store and Protect Data

 

4.1 We are committed to protecting our employees, clients and users’ privacy. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration or destruction of personal data we store.

 

4.2 All client and project data is stored on our secure CMS and CRM systems.

 

4.3 All computers are protected against virus attacks and malware by ‘Sophos’ and ‘Mimecast’ security software, which provides advanced email security, antivirus, antispam protection, TLS encryption, Data Leak Prevention, Documents Services and Attachment Management security software. We have a secure hardware firewall between our internal systems and the outside world. All devices and connections are password-protected.

 

We have implemented an Ultimate Disaster Recovery Solution, which is supported by our IT provider RAMSAC. Our Disaster Recovery Policy explains in more detail the safeguarding we have in place, a copy of which is available upon request.

 

4.4 Our website is SSL (Secure Sockets Layer) certified, which keeps data secure between servers. Any enquiry/information entered through our website is encrypted.

 

4.5 We use cookies on our website. Cookies are tiny files that are downloaded to your computer to improve your experience. Our Cookie Policy describes what information they gather, how we use it and why we need to store these cookies.

 

4.6 As best practice, Project files are kept for a maximum period of 12 years. Archive files are stored off-site in a secure fireproof warehouse with an outsourced company.

 

4.7 We have continuous Cyber & Data Liability cover. The certificate is available upon request.

 

4.8 We maintain a Personnel Data Register for all employees and job applicants. Personal data provided to us will be retained for the duration of employment and for 6 years afterwards for legal and reference purposes.

 

Right to work documentation will be retained for the duration of employment and for 2 years following the end of employment. After this, it will be securely destroyed in line with the Immigration, Asylum and Nationality Act 2006. Information provided to us for Job Vacancies, either directly, via our website or an agency, will be retained for a period of one year should suitable opportunities become available during this period.

 

4.9 Other data protection practices we maintain are personnel details, which are securely stored in the Human Resources Information System (HRIS).

 

5. Sharing Personal Information Data

 

5.1 Certain projects may require us to share personal information with third parties such as contractors, sub-contractors, insurers, photographers, and recruitment agencies. This information will be shared as per the project requirements or on an individual basis and in prior agreement with you. Should you not wish for us to share this information, please inform your Project Manager or Practice Manager in case of employees.

 

5.2 At times, we may use third-party service providers to help us operate our business and the site or administer activities on our behalf, such as sending out surveys and marketing emails. We may share your information with these third parties for those limited purposes provided that you have given us your permission.

 

5.3 We also use social media to share our practice news, industry updates, project updates, testimonials and case studies. Every effort will be taken to anonymise our social media updates, on the occasion that a reference has to be made, this will be done with prior permission.

 

6. Marketing

 

6.1 We may contact individuals who have expressed an interest in our services via our website forms, surveys or at an event to respond to their enquiry. Opportunity to unsubscribe/opt-out of such communication will be provided with every email.

 

6.2 We may use a project as a case study, including client feedback/testimonials, photographs and video where available for marketing purposes via brochures, postcards, website and social media where prior permission has been granted.

 

6.3 At times, we may invite you to our events. You will be provided with an opportunity to opt-out/ unsubscribe from further correspondence should you not wish to receive these invitations.

 

6.4 Our marketing activities comply with the General Data Protection Regulation (GDPR) and Privacy and Electronic Communications Regulations (PECR).

 

7. Links

 

7.1 Our website and emails may contain links to third-party sites which we have no control over; if you visit those sites, you should check that you are happy with their own privacy policies and terms of use before providing any personal information. Additionally, if you linked to our website from a third party, we cannot be responsible for the privacy policies and practices of that third-party site.

 

8. Consent

 

8.1 By using our services and website, clients, employees and users consent to the collection and use of personal data in accordance with our Privacy Policy and Data Protection regulations. If you do wish to do so or have any questions relating to our Privacy Policy, please let us know via our Contact Us.

 

9. Scheduled Audit Date

 

9.1 Barker Associates will review this Policy annually and as required.

 

10. Designated GDPR Team

 

10.1 Jonathan Coyles, Partner, jcoyles@barker-associates.co.uk

See
the project