1 Introduction
This Privacy Policy applies to:
Protect Insurance, who are a subsidiary of UBT (EU) Ltd whose registered office is at The Precinct, Poseidon Way, Warwick, CV34 6BY, UK and whose company number is 4938684 and;
and any related bodies corporate (we, us, our);
explains how we process Personal Data (defined below) that is regulated by the General Data Protection Regulation(EU) 2016/679 and the law(s) implementing the GDPR in our jurisdiction and complies with their requirements.
applies in respect of all Personal Data processed by us, including the Personal Data of clients, member businesses and suppliers.
We may update this Privacy Policy from time to time. The most current version will be posted on our website https://www.ubteam.co.uk/ where this will be updated. It will be effective from the date of posting. It is your responsibility to check our website from time to time in order to determine whether there have been any changes.
2 The kind of Personal Data we collect
Personal Data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Personal Data).
Sensitive data is Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (Sensitive Data).
The types of Personal Data we collect about you depends on the circumstances in which that information is collected, and can include data collected through our volunteers. The kinds of Personal Data we collect and hold includes:
- for users of our website, contact information such as name, postal address, email address and telephone number, other data about you such as gender, marital status, dietary information, special needs data, passport and frequent flyer data and information about your religious beliefs, as well as data associated with your use of the website, such as bank details for direct debit payments and credit card information, as well as information you submit via online forms, and your use of any other platforms or applications we may offer. This may include information about the device you are using, as well as;
- information about which pages you visit and which resources you use on our site
- information about how you got to our site
- your internet protocol address known as your IP address which is used to connect your device to the internet
- your device’s operating system and platform
- the type and version of the browser you are using
- browser plug-in types and versions which extend the functionality of your browser, for example Pinterest, Evernote and Adblock
- MAC addresses which are used as network addresses for Wi-Fi and Ethernet
- traffic data, which is aggregated information about the number of visitors, sessions, users and page visits to our site
- geolocation data
- time zone setting
- weblogs
for our clients, member businesses and other partners:
- the client, member business or partner’s contact information such as name, postal address, email address and telephone number;
- information collected when you visit one of our sites, which may include CCTV footage and car registration details;
- addresses of the site or premises where we are supplying any products and/or services;
- billing information; and
- other information relevant to the provision of products and/or services by or on behalf of us to the client, member business or partner’s premises;
- for our suppliers and service providers, names and contact details of individuals working for those suppliers and service providers, who we deal with;
- for prospective personnel seeking employment or engagement with us, contact information, curriculum vitae, current employment information (e.g. job title and employer), professional association memberships, criminal record, general health information, religious beliefs and other information about your suitability for employment with or engagement by us; and
- for other individuals, name, contact details and any other information relevant to our interactions with you.
3 How we collect Personal Data
3.1 Personal Data generally
We collect, Personal Data about you for the following reasons: (1) the collection is necessary for us to provide our services; (2) it is in our legitimate interest to collect this data for the purposes of providing the services; (3) the collection is necessary for us to comply with our legal obligations or applicable law; or (4) we have consent, where applicable or required under law.
We will generally collect your Personal Data from you directly. There are however, circumstances in which we collect Personal Data from third party individuals, business entities and governmental agencies, such as signatories to the GAP Global Limited Amended and Restated Members Agreement (GAP Global Members), courts, public and law enforcement agencies, and credit bureaus, regardless of whether such individual, business entity or governmental agency compiled the information itself or received it from other sources.
Where we collect Personal Data from a third party, we will handle that information in accordance with this Privacy Policy and any obligations we have to that third party.
If you provide to us Personal Data about another person, we are relying on you having addressed all relevant consents, notifications and other requirements to enable us to process the Personal Data for our purpose of collection.
We may collect Personal Data about prospective personnel, by conducting reference and background checks in relation to their application for employment with us from time to time, including searches for any criminal records, employment and education verifications, personal credit history based on reports from any credit bureau and searches of any public records.
3.2 Sensitive Data
We will only collect, use and disclose Sensitive Data about you where you have provided your explicit consent to the collection of that information, or where we are required or authorised by law to do so, for example where we conduct criminal records searches in relation to prospective personnel where this is necessary to carry out the obligations and to exercise specific rights in the field of employment and social security and social protection law as permitted by local data protection laws or where necessary for reasons of substantial public interests as permitted by local data protection laws. Such Sensitive Data may in certain circumstances include biometric data such as biometric facial scans. In providing any consents to the collection or handling of Personal Data (including Sensitive Data), you consent to us collecting, holding, using and disclosing the information you provide in accordance with the terms of those consents and this Privacy Policy.
3.3 If your Personal Data is not provided
If you do not provide us with your Personal Data when requested, this may limit the assistance we are able to provide to you, including assistance we are contracted to provide on behalf of a third party. For example, we may not be able to provide the product and/or service you may have requested and may not be able to handle enquiries in connection with those products and/or services, or process your job application.
3.4 Cookies
Our website uses a technology called “cookies” and web server logs to collect information about how the website is used including, where available, your IP address, browser type and the geographical location of your computer. We also use Google Analytics to collect details of how you use our site, as well as anonymous data that you enter into our forms. We do this to help us analyse how visitors use our site (including behaviour patterns and the tracking of visits across multiple devices), administer our site and manage your account. Google Analytics doesn’t collect information that identifies a visitor to our site. All the information that is collected is anonymous and is only used to improve how our site works. We do not allow Google to make any attempt to establish the identities of any users of our site.
For details about how we use cookies, please see our Cookies Policy.
4 How we use and disclose Personal Data
4.1 General purposes
We collect, hold, use and disclose Personal Data about individuals for a variety of business purposes.
These include, without limitation, to:
- monitor and evaluate the performance and security of our website and any other platform or application we may offer, including to:
- administer our site
- improve our site to ensure that content is presented in the most effective manner
- allow you to participate in interactive features of our services when you choose to do so
- analyse how visitors use our site (including behaviour patterns and the tracking of visits across multiple devices)
- improve your online experience
- facilitate the provision of our products and/or services to our clients and member businesses who have engaged us;
- facilitate the provision of such other products and/or services that we or others may offer from time to time and provide information about their availability, features and benefits;
- work with and procure goods and/or services from our suppliers and service providers;
- facilitate recruitment and selection of prospective personnel;
- facilitate conferences, training and education programs, and event management;
- provide and manage charitable assistance;
- issue newsletters and provide information on church services or other sponsored events;
- conduct audit, accounting, financial and economic analysis of our business operations;
- respond to enquiries or investigate and resolve complaints;
- protect our legal rights, investigate suspected fraud or other misconduct, or assist law enforcement agencies; and
- comply with our legal and regulatory obligations.
We may also use and disclose Personal Data we collect for other purposes that are permitted, required or authorised by applicable law, such as:
purposes which you would reasonably expect and which are related (and, in the case of Sensitive Data, directly related) to the primary purpose of collection of Personal Data; and
any other purposes for which you have given your consent.
4.2 Marketing
We will only use or disclose your Personal Data for the purposes of direct marketing (e.g. in relation to products and/or services we may offer from time to time) where we have your consent or we are otherwise permitted by law to do so.
You are free to opt out from receiving marketing communications from us, by:
following the “opt out” process indicated in a marketing communication you have received;
emailing us at privacy@ubteam.comat any time requesting that your name and email address be removed from our marketing lists; or
following such other process that is made available for this purpose from time to time.
4.3 Disclosure of Personal Data
In order to perform activities in connection with the purposes described in this Privacy Policy, we may make Personal Data available to other persons or entities, or disclose it to them, including:
GAP Global Members;
our suppliers and service providers, including those to whom we outsource certain of our information technology functions (e.g. cloud service providers). We authorise our suppliers and service providers to use or disclose your Personal Data only as necessary to provide us with supplies or perform services on our behalf, or to comply with legal requirements. We require suppliers and service providers by contract to safeguard the privacy and security of Personal Data they process on our behalf;
any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of our assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of ours;
other related bodies corporate;
government, regulatory, judicial or law enforcement authorities;
accountants, insurers, auditors, lawyers and our professional advisers; and
any other third parties notified to you at or around the time we collect your Personal Data (together, the Required Recipients).
We disclose this Personal Data for the following reasons: (1) the disclosure is necessary for us to provide our services; (2) it is in our legitimate interest to disclose this data for the purposes of providing our services; (3); the disclosure is necessary for us to comply with our legal obligations or applicable law; or (4) we have consent, where applicable or required under law.
We may disclose Personal Data to GAP Global Members and Required Recipients who are located in Australia, Argentina, the Caribbean, North America, Europe, New Zealand, the United Kingdom and the United States, Canada.
Where we transfer your Personal Data outside the EEA or the United Kingdom, we have rules and steps put in place to make sure your personal data is kept safe and protected. Usually this means we’ll have standard contractual clauses approved by the European Commission in our contracts with parties outside the EEA, or we will rely on European Commission adequacy decisions.
5 How we hold Personal Data
We hold Personal Data both electronically and in paper form.
We maintain administrative, technical and physical safeguards designed to protect Personal Data from misuse and loss, and unauthorised access, modification and disclosure.
We will process your Personal Data for as long as is necessary for the purpose(s) for which it is collected and processed. Unless the law requires otherwise or we need the Personal Data to establish, exercise or defend a legal claim, we take reasonable steps to destroy or permanently de-identify Personal Data if it is no longer required.
6 Your rights to your Personal Data
As provided by applicable data protection law, the following rights may apply for personal data collected, used and disclosed by us:
Access: You have the right to be told about how your personal data is processed, and have access to such personal data.
Correction: Where your personal data is incorrect, you may request that we rectify the personal data we hold. Please take care to ensure details provided to us are kept up to date.
Portability: In some cases, you can request that your personal data we hold is provided to you in a structured, machine-readable format, and can require us to transfer your personal data to another data controller.
Right to be forgotten: You may have the right to require us to erase personal data concerning you.
Right to restrict processing: In some cases, you may require us to restrict the processing of your personal data.
Right to object: In some cases, you may have right to object to the processing of your personal data.
Withdrawal of consent: You may withdraw your consent (in cases where we rely on consent) at any time. If consent is withdrawn it may have consequences such as we may no longer be able to provide certain services or communications.
To exercise these rights, please contact us using the details in the Contact Us section below. Please include sufficient details so we can understand the nature of your requests. We may need to request personal data in order to verify identity. In some cases we may respond that a request will not be actioned where permitted or required under law.
7 Enquiries and complaints
If you wish to make an enquiry or complaint to us regarding privacy matters, you should contact us in writing using the contact details at the end of this Privacy Policy. We will endeavour to respond to your enquiry or complaint promptly. Please include sufficient details so that we can understand the nature of your enquiry. We may need to request personal data in order to verify your identity.
You also have the right to lodge a complaint with the competent data protection supervisory authority.
8 Third party sites
Please remember that when you use a link to go from our website, platform or application to another website, this Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including websites which are linked to our website, platform or application is subject to that website’s own rules and policies. We are not responsible for the content or the conduct of the organisations accessed via links to such third party websites.
9 Contact us
You may contact us in relation to privacy matters at:
Address: UK Regional Office, The Precinct, Poseidon Way, Warwick, CV34 6BY, UK
Email: privacy@ubteam.com
All correspondence attention: Privacy Officer
Privacy Policy Dated: January 2021