The General Data Protection Regulation (GDPR) imposes strict controls on how all organisations collect and process personal data within the EU and or the personal data of EU citizens.
The enforcement of the GDPR is overseen by the UK’s supervisory body, the Information Commissioner’s Office (ICO). The ICO ensures that everyone is compliant with GDPR and that the rights of data subjects (the people whose data is being processed) is correctly protected.
Those individuals or businesses which determine the purposes and means of processing personal data are referred to as data controllers under the GDPR, whereas a data processor is responsible for the processing of data on behalf of the data controller.
We have reorganised our Privacy Notice to make it clearer and easier to find the information you want. We’ve also added further details about the data we collect, how it is used and what your rights are.
We have also updated our Data Protection Policy.
Should you outsource your payroll to us then we act as the data processor and you remain the data controller in accordance with the contractual relationship you have with us. Data is held and processed in accordance with our Data Retention Policy and Privacy Notice.
If you have any additional questions, please contact us at firstname.lastname@example.org.