Company name: Somerville Group Limited
Registered Office: Bankside 300 Peachman Way, Broadland Business Park, Norwich, Norfolk, United Kingdom, NR7 0LB
Registered No: 09454005 in England and Wales
Somerville Group Limited is committed to keeping your data confidential
We understand that your privacy and the security of personal information is extremely important. This notice sets out what we do with personal information, what we do to keep it secure, from where and how we collect it, as well as rights in relation to the personal information we hold about.
Personal information is, where appropriate, shared within Somerville Group Limited. We use a number of third parties to process personal information on our behalf however, we have processes in place to ensure they also maintain the security of the information.
You have a number of rights over your personal information. How you can exercise these rights is set out in this notice.
We do not send direct marketing.
We will limit the collection and processing of Sensitive Information (as defined under the General Data Protection Regulation (GDPR) as much as is practically possible.
Who are we?
When we say ‘we’ or ‘us’ in this policy, we’re referring to Somerville Group Limited.
Our registered address is: Bankside 300 Peachman Way, Broadland Business Park, Norwich, Norfolk, United Kingdom, NR7 0LB
You can contact us in the following ways:
By writing to us at the above address
By emailing us at firstname.lastname@example.org
By telephoning us on 01787 464400
What sorts of personal information do we hold?
Information that you provide to us such as your name, address, date of birth, telephone number, email address, and bank account details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;
Information required to for certain areas of business such as your employment details, financial position, information taken from identification documents such as your passport or driving licence, your insurance, criminal and medical history.
Your login details for our systems, including your user name and chosen password;
Information about any device you have used to access our Services (such as your device’s make and model, browser or IP address) and also how you use our Services. If you use our websites, we try to identify when and how you use those websites too;
Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication.
Information from other sources such as specialist companies that provide customer information (like credit reference agencies such as Experian, fraud prevention agencies, claims databases, marketing and research companies) and social media providers, as well as information that is publicly available.
Further information about the specific types of information that we collect and process are set out in the “How we use your information” section below.
Our legal basis for processing your personal information
Whenever we process your personal information we have to have something called a “legal basis” for what we do. The different legal basis we rely on include:
Consent: You have agreed to us processing your personal information for a specific purpose;
Legitimate interests: The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.
Performance of a contract: We must process your personal information to meet the terms of your contract with us;
Prevention of fraud: Where we are required to process your data in order to protect us and our customers from fraud or money laundering;
Vital interests: The processing of your personal information is necessary to protect you or someone else’s life;
Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; and
Legal obligation: We are required to process your personal information by law.
How do we use your information?
There are a number of ways in which we use your personal information, depending on why you are interacting with us.
If you are a an employee
When you apply to join us as an employee, we will collect certain information about you including your name, phone numbers, email address and bank details. The relevant teams will have access to all of this information. Some of this information will also be made available to other departments as needed, for example the finance team to process your payment information.
We process this data to ensure we comply with our contractual obligations we have with you.
If you are a supplier/provider
In order to work with our suppliers/providers, we will collect information such as the names, contact numbers and email addresses of relevant employees discuss your services, to manage our contractual obligations and billing arrangements. This information may be shared with colleagues within the company that are involved in our supply chain including finance team members, operations managers and service users.
If we have a legal obligation to do so
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
How will you obtain my consent when required?
As outlined above, there may be instances where our basis for processing your personal data is that you have provided your consent. In these circumstances, we will explain to you in writing what personal data we need and why, whether we need to disclose your personal data to any third party who and why, how long we will store the personal data, your rights of access to the personal data, your options for consenting or refusing to consent or withdrawing consent, and the implications of consenting or refusing to consent or withdrawing consent. Please note that it is not a condition of engagement with us that you have to agree to any request for consent from us. We will only process your personal information without your knowledge or consent where this is required or permitted by law.
Recipients we share your data with
We may share your personal information with the following recipients:
Provider partners and service delivery companies that support us in the provision of goods and services to you
Government bodies and agencies (e.g. HMRC for tax purposes)
Regulators (e.g. Information Commissioner’s Office, Financial Conduct Authority)
Agents and sub-contractors who help us provide services (we employ other companies and individuals to perform functions on our behalf. Examples include IT support service and performing legal and other professional services. Those companies and individuals have access to your data as needed to perform their functions, but they are not permitted to use it for other purposes)
Third party service providers (e.g. when we outsource some of the operations of our business to third party service providers. We restrict how such service providers may access, use and disclose your data)
Credit reference agencies
Legal and professional advisors, including auditors
Courts, to comply with legal requirements, and for the administration of justice
In an emergency to protect your vital interests
To protect security or integrity of our business operations
When we restructure our business or have a merger or re-organisation
Anyone else where we have your consent or as required by law
Transfer of personal data outside the European Union (EU)
We are committed to implementing technical and organisational measures that, by default meet the requirements of the data protection legislation and the appropriate level of security. We will not share your personal data with a third party organisation without a valid business reason, a contract or Data Sharing Agreement in place, or without your consent. We will not transfer your personal data to organisations outside the European Union (EU) unless that country or territory can ensure an adequate level of protection in relation to the processing of your personal data.
How long do we keep your data?
We retain your data primarily to meet statutory and regulatory obligations; secondly, your data is retained to enable us to pursue our legitimate business interests. Our retention schedules are available on request.
In some circumstances, we may anonymise your personal information so that it can no longer be associated with you; in such circumstances we may use such information without further notice to you.
You have a number of rights under data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you. These include:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.
If you are seeking to exercise any of these rights, please contact us using the details in the “Contact Us” section below.
Requests, complaints or queries
We try to meet the highest standards when processing personal information. For this reason, we take any requests, complaints or queries we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.
This privacy notice does not provide exhaustive detail of all aspects of our processing of personal information. However, we are happy to provide any additional information or explanation needed.
If you want to make a query, request, or a complaint about the way we have processed your personal information you can contact us directly:
By writing to us at our registered address (above)
By emailing us at email@example.com
By telephoning us on 01787 464400
Alternatively, you have the right to lodge a complaint with the regulator which oversees data protection law:
Information Commissioner’s Office
Tel: 0303 123 1113
Changes to this privacy notice
We keep our privacy notice under regular review. Notifications of changes to this privacy notice will be via email. This privacy notice was last updated in May 2018.
When you visit our site, we install a selection of Cookies on your computer, and as we believe you have a right to know, we’d like to make aware of this. The Cookies are simple text files, and don’t save any identifiable personal data about you on your computer. They are a way for us to recognise if you’ve visited our website before, which provides us with Analytics data from Google about our website traffic levels, and improve user experience.
Variety is the spice of life, which is why there is more than one type of Cookie and we thought we’d explain what this means for you, the user.
Strictly Necessary Cookies are installed automatically as you wouldn’t be able to use the internet without them. They can’t gather information that could be used for marketing purposes. They are used for navigational purposes, and store your preferences. For example, these Cookies are placed on your computer when you choose to reduce a drop down menu, and then navigate to a another page on the website. The drop down menu showing on the new page, will remain reduced.
Performance Cookies only collect information about how you’ve used our website, for our benefit. For example, this includes Analytics – where the data we collect enables us to better manage the overall performance and design of our site.
By continuing to view our site, you are consenting to us storing cookies within your browser for the reasons described.