New Page 1

Welcome to the NISI Enterprises Privacy Notice

This information has been produced to help you understand everything you need to know about the way NISI Enterprises collects, uses and shares personal data, what your legal rights are and how to exercise them.

We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible and to avoid jargon, and we’ll make our best efforts to keep you informed if there are any changes to the way we process your personal data in the future.

NISI Enterprises takes its responsibility of protecting your data very seriously and we do advise you get to know our practices – If there’s anything here you don’t understand or if you want to ask any questions, please feel free to contact us (detail are at the end).

Who is the Data Controller?

We are NISI Enterprises, a  UK limited organisation… registered in England.

Registered address:	Business Box 2 Oswin Road, Brailsford Industrial Estate, Leicester, Leicestershire, LE3 1HR
Registered number:	06041259

In this document NISI Enterprises may be referred to as “we”, “us”, or “our”.

What kinds of personal data does NISI Enterprises process?

NISI Enterprises collects personal data for specific purposes; with that in mind we have created a list of the types of personal data that we may collect, either directly from yourself or from other sources, in order to achieve those purposes.

The kinds of personal data we may collect are:

If you are a:	We may process these types of personal data:
Job applicant / Temporary or agency Staff /	Name, address, telephone, email, work and education history,
Candidate	Name, address, DOB, telephone, email, health information,  proof of ID, copies of qualifications, GMC numbers, work history, DBS checks, resident permits, passport details (including biometric details), details of indemnity insurance.
Client	name, address, email, phone number
Sub-Contractor	Name, address, telephone, email,

What are the purposes NISI Enterprises collects personal data for?

NISI Enterprises uses personal data firstly to fulfil any contractual obligations that exist between us and yourself; where we request personal data be provided to enter into, or meet the terms of any such contract, you will be required to provide the relevant personal data or we will not be able to deliver the goods or services you want. In such cases the lawful basis of us processing the personal data is that it is necessary for the performance of a contract.

We are required by law to process personal data for purposes relating to our legal obligations, these include:

·         To provide for the organisations’ financial commitments, or to relevant financial authorities

·         To comply with regulatory requirements and any self-regulatory schemes

·         To carry out required business operations and due diligence (E.g. administration, reorganisations, security, investment or corporate/asset sales)

·         To cooperate with relevant authorities for reporting criminal activity, or to detect and prevent fraud

·         To investigate any insurance claims, claims of unfair dismissal, claims of any kind of harassment or of discrimination, or any other claim whereby the organisation may have to defend itself

We will also process personal data to achieve our various legitimate business interests; these are purposes that have been defined by us where we have balanced the necessity on our part to process the data for each purpose against your own expectations, interests and legal rights.

Our legitimate interests for processing personal data are:

·         To provide goods and services where it has been requested

·         To inform customers of other goods and services we provide or offers that may interest them

·         To send notification on subjects to individuals who have asked to be kept informed (i.e. subscribers)

·         To invite people to participate in research and surveys in fields and disciplines they are interested in

·         To improve the quality of the services offered, and to better understand customers’ needs by requesting feedback, or reviews of the services provided, or sending survey forms

·         To recognise when people re-engage with the organisation

·         To allow the organisation to support and maintain its products in active service

Where we process special categories of personal data other than when we have your consent to do so, we will rely on one or more of the following lawful basis: ·         It is necessary for preventive or occupational medicine, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems or pursuant to contract with a health professional. ·         It is necessary for reasons of public health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices.

Where does NISI Enterprises obtain personal data from?

We will collect personal data directly from you in various ways. This could include when you complete an online form, or if you provide the data directly to a representative of NISI Enterprises.

Who will NISI Enterprises share your personal data with?

In order to achieve the above stated purposes for which we process your personal data, we may have to share your personal data with some specific third-party organisations.

We shall make all reasonable efforts to ensure that any third-party we share your personal data with is also compliant with data protection law.

The third parties we may share your personal data with include: ·         Third party data processers or data controllers necessary to setup various resources. ·         Regional and/or local government authorities.

The specific types of third-party NISI Enterprises may share your personal data with include: Outsourced IT company, outsourced CRM solution

NISI Enterprises is not responsible for the data protection compliance of any of these third parties.

If we sell or reorganise our business, or if otherwise required by law or by an authorised regulator, we may transfer your personal data as a part of the general business data to the relevant parties.

Where will NISI Enterprises store your personal data?

As a part of our standard business practices, we may transfer your personal data to countries outside the European Union (EU), or to organisations who intend to transfer the data outside the EU.

How long will NISI Enterprises keep your personal data for?

We will keep your personal data only for as long as required in order to achieve the purposes for which it was collected, in line with this privacy notice.

The following criteria apply that determine the period for which we will store your personal data:

·         Until we are no longer required to do so in order to comply with any regulatory requirements or financial obligations that we are subject to.

·         Until we are no longer required to do so by any law it is subject to.

·         Until all purposes for which the data was originally gathered have become irrelevant or obsolete.

Where the lawful basis of our processing is based on protection of vital interests and insofar any relevant health and safety obligations apply, NISI Enterprises may retain your personal data for up to 40 years. 

Your Rights, Our Responsibility

There are several rights granted to you immediately upon providing us with your personal information; some of these are mentioned above. We’d like you to know that at NISI Enterprises we take your rights as a Natural Person seriously and will always conduct ourselves in a way that is considerate of our responsibility to serve your legal rights.

The Right of Access

This grants you the right to confirm whether or not your personal data is being processed, and to be provided with relevant details of what those processing operations are and what personal data of yours is being processed.

If you would like access to the personal data we have about you, we ask that you contact us by using our details below.

The Right to Rectification

This one is fairly straight forward; if you notice that the data we have about you is inaccurate or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.

The Right to Objection

The right to object is a basic freedom all democracies enjoy. If you wish to object to the way we use, or have used, your personal data you may do so freely.

The Right to Portability

This is a legal right afforded to you that states we must pass on all of the details you have provided to us in a machine-readable format, either to your or to another provider of your choosing.

The Right to Complain

We will always try to maintain the highest standards and encourage the confidence our customers have in us as an organisation. In order that we can achieve this we do request that any complaints be first brought to our attention so we can properly investigate matters; if however you would like to complain about NISI Enterprises to a supervisory authority you may do so by contacting the Information Commissioners Office on 0303 123 1113, or by visiting their website - https://ico.org.uk/concerns

NISI Enterprises contact details:

	NISI Enterprises Ltd Trading As NISI Staffing
	Business Box, 2 Oswin Road, Braunstone, Leicester, LE3 1HR
	0116 279 5175
	info@nisistaffing.co.uk
Who is the NISI Enterprises Data Protection Officer? Ametros Group Ltd Lakeside Offices, Thorn Business Park Rotherwas Industrial Estate Hereford Herefordshire England HR2 6JT T: 0330 223 2246 @: dpo@ametrosgroup.com W: www.ametrosgroup.com