Everyone has rights with regard to the way in which their personal data is handled. During the course of our business, we will collect, store and process personal data about our employees, customers, suppliers and other third parties, and we recognise that the correct and lawful treatment of this data will maintain confidence in the organisation and will provide for successful business operations. 

Data processors are obliged to comply with our policies when processing personal data on our behalf and any breach may result in disciplinary action. 

The types of personal data that we may be required to process includes information about current, past and prospective employees and others that we communicate with.  

The personal data, which may be held on electronic and/or paper format is subject to certain legal safeguards specified in the General Data Protection Regulation and the Data Protection Act 2018 and other regulations as may be amended from time to time. 

This statement and any other relevant privacy statements and policies set out the basis on which we will process any personal data we collect from data subjects, or that is provided to us by data subjects or other sources. 

This statement does not form part of any employee's contract of employment and may be amended at any time. 

The Data Protection Policy, which is available from the Trust Administrator sets out rules on data protection and the legal conditions that must be satisfied when we obtain, handle, process, transfer and store personal data. 

We will, where required, put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. Personal data will only be transferred to a data processor if he/she agrees to comply with those procedures and policies, or if he/she puts in place adequate measures for compliance.