Under data protection law, we have certain legal responsibilities about how we collect, use and share your personal information.
This policy explains our privacy practices and covers the following:
- The type of individuals whose personal information we collect
- What personal information about you we collect and use
- Sources of personal information
- How we use your personal information
- Who we share your personal information with
- How long we retain your personal information for
- Any transfers involving your personal information
- How we legally justify using your personal information
- Your legal rights in relation to your personal information
- Other relevant information, including how to contact us.
There are eleven individual entities within the Fastflow Group, all of whose registered address is Units 11 & 12 Parsons Road, Parsons Industrial Estate, Washington, Tyne & Wear.
2.1 If your relationship is with Fastflow Group Limited, the relevant data controller for your personal information is Fastflow Group Limited, a company registered in England with company number 05114630.
2.2 If your relationship is with Fastflow Holdings Limited, the relevant data controller for your personal information is Fastflow Holdings Limited, a company registered in England with company number 10523632.
2.3 If your relationship is with Fastflow Investment Limited, the relevant data controller for your personal information is Fastflow Investment Limited, a company registered in England with company number 10523717.
2.4 If your relationship is with Fastflow Pipeline Services Limited, the relevant data controller for your personal information is Fastflow Pipeline Services Limited, a company registered in England with company number 02673066.
2.5 If your relationship is with Fastflow Energy Services Limited, the relevant data controller for your personal information is Fastflow Energy Services Limited, a company registered in England with company number 8086718.
2.6 If your relationship is with DW Contractors (Oxford) Limited, the relevant data controller for your personal information is DW Contractors (Oxford) Limited, a company registered in England with company number 01990656.
2.7 If your relationship is with Oxford Manpower Limited, the relevant data controller for your personal information is Oxford Manpower Limited, a company registered in England with company number 08911962.
2.8 If your relationship is with Partner Group UK Limited, the relevant data controller for your personal information is Partner Group UK Limited, a company registered in England with company number 07526123.
2.9 If your relationship is with Partner Construction Limited, the relevant data controller for your personal information is Partner Construction Limited, a company registered in England with company number 07410551.
2.10 If your relationship is with Partner Contracting Limited, the relevant data controller for your personal information is Partner Contracting Limited, a company registered in England with company number 03512999.
2.11 If your relationship is with Partner Investments Limited, the relevant data controller for your personal information is Partner Investments Limited, a company registered in England with company number 08759439.
3. Whos personal information do we collect
We collect and use personal information relating to the following types of individuals:
- Contacts at our existing clients – we collect and use contact details of people who we liaise with at organisations who are our existing clients i.e. organisations who appoint us to deliver services.
- Contacts at our potential clients – you may express an interest in our services, for example by phoning us or registering an interest via an email or on our website, or we may contact you where we consider that you may be interested in our services.
- Customers – where we supply goods, properties or services directly to individual customers we will need to collect and use contact details
- Claimants – we collect and use certain personal information about individuals who make a claim directly against us. Occasionally, the claim may relate to children or a vulnerable person, with the claim being brought by a parent or other adult with responsibility for them.
- Visitors to our offices or sites – we also collect certain information about people who visit (or who come in close proximity to) our offices or sites or places where we are working.
- Contacts at our advisors and other third party suppliers – we collect and use certain personal information about contacts who work at organisations who provide goods and services to us, i.e. our suppliers and organisations with whom we partner to provide our services, as well as advisors who provide legal, financial services and other advice to our business.
4. What personal information about you we collect and use
Depending on whose personal data we collect and use (as indicated above) the information will generally consist of:
- Clients & potential clients: name, job title, email address and work address.
- Claimants: name, address, email, date of birth, any relevant medical details (as appropriate, including for claims brought on behalf of children);
- Visitors to our sites and other people who come into contact with, or close proximity to, our offices and sites and places where we work:
- CCTV recordings from static cameras placed around the outside of our buildings – these face the exterior of our building, particularly exits and entrances;
- images from body worn cameras (for certain sensitive sites where we are operating),
- details of your vehicle registration, name, place of work, your contact details – which guests provide when they visit our sites/offices for appointments or meetings,
- Video images of people who are in the immediate vicinity when we record video images for highway surveys undertaken to record the condition of the highway in advance of works – for example, this may unintentionally involve us recording people in the vicinity at that time.
- Advisors / thirty party suppliers: name, job title, email address, phone number and work address.
- Information recorded from phone calls with our call centre – we record details of your name, address and other contact details and any other personal information which is provided during the call.
5. Sources of personal information
- Information you provide: the information you provide where you or your organisation provides to us or receives services from us; or when you get in touch with us, for instance registering an interest by emailing us, have a telephone conversation with our call centre, or if we meet at a networking event and you provide your business card; or when you get in touch directly in the event of a complaint or claim.
- Information from your employer: your employer may pass us your contact details, for instance if you are to act as someone who we will be liaising with regarding a project.
- Information from a solicitor or insurer: if you are a member of the general public and you make a claim against us, your solicitor or insurer may pass us your contact details.
- Information from publicly available sources: we may occasionally obtain limited personal information from the internet or from sources such as LinkedIn.
- Information collected by CCTV or other video cameras: if you are a member of the public or other individual who visits or comes into close proximity with our sites, we may collect personal information about you via CCTV. At certain high security sites, we may also use body worn cameras to collect images of people who visit or come into close proximity with the site, for instance protesters or demonstrators. We also record images of highways, as part of undertaking condition surveys prior to works being carried out – this may unintentionally involve us recording people in the vicinity at that time
6. How we use your personal information
- Day to day communications with customers, suppliers and other third parties who we work with – we need to communicate effectively and efficiently with our clients, advisors and third party suppliers, in order to facilitate our provision of high quality and timely communications and services, including service delivery, compliance with all operational, technical, health, safety, environmental & governance standards. Similarly, where your organisation provides services to us, we will need to know which individuals at your organisation we need to communicate with and keep details of your personal information on our systems, including for selection, health & safety and compliance requirements. Therefore, we use personal information for day to day communications with such parties.Our communication methods include written correspondence, email, telephone, online video conferencing and face to face meetings.
- Assessment of claims – we need to assess and process personal information relating to a claim that someone may make against us. This may involve us using a claimant’s personal information in our defence or other legal documentation and for obtaining legal advice or insurance etc..
- Safety and security of our offices and sites – we collect personal information about you via CCTV at our offices and certain sites where we operate. We record images in this manner for security reasons, to protect our assets and staff, but also to ensure compliance with operational health and safety standards and general governance standards. In more limited occasions, we may also use body worn cameras at particularly sensitive sites where we operate, again for security reasons and to protect the integrity of our business. Where we unintentionally record images of passers-by when undertaking video based surveys of highways, we do not actually use the personal information contained in such recordings.
- Customer care – from time to time we monitor certain external phone calls (incoming and outgoing) between our call centre and customers and other third parties with whom we interact. We record the phone calls so that we can keep a short term record of the conversation and use it for staff training, recording details of complaints or other incidents and to improve customer care where appropriate.The call recordings are not shared outside of our business.
- Business development – as a business, we do not conduct major marketing campaigns using personal information. We do however from time to time use limited personal information (business contact details) to get in touch with existing and potential clients, in order to promote our services and build relationships and to develop and manage existing relationships. For instance, we use LinkedIn, phone calls and emails to invite clients to events.
- Managing accounts and other internal administrative purposes – we process personal information for other internal administrative purposes, including in relation to setting up and managing accounts with our clients and suppliers, paying and raising invoices etc.
7. Parties who we share your personal information with
Your personal information is shared with the following parties:
- From time to time your personal information may be shared internally, with other entities in the Fastflow Group. These entities may include:
- Fastflow Holdings Limited;
- Fastflow Investment Limited;
- Fastflow Pipeline Services Limited
- Fastflow Energy Services Limited
- DW Contractors (Oxford) Limited.
- Oxford Manpower Limited;
- Partner Group UK Limited;
- Partner Construction Limited;
- Partner Contracting Limited; and
- Partner Investments Limited
- Solicitors – as required in relation to the provision of legal services;
- Auditors – as required for the audit of financial statements, tax compliance and advice;
- Motor insurers – as required in connection with motor insurance claims;
- Claims handlers – in order to assess claims for liability insurance policies;
- Clients – to ensure the employee of a subcontractor meets the technical, behavioural, health and safety requirements of the client to the client’s satisfaction;
- IT service providers – suppliers who provide hosting of our IT services or who provide support and maintenance services for our IT systems may occasionally have supervised access to parts of our IT systems which contain personal information for maintenance and support purposes;
- Providers of CCTV / body worn camera images – we use third party providers to operate CCTV and body worn cameras for us;
- The police – we are occasionally contacted by the police asking for CCTV footage, for instance relating to incidents outside our offices;
- Solicitors, insurers and the courts – where we have obtained personal information from claimants we may need to share such information as part of defending a claim; and
- Local Authorities – where we record video images of highways, we may share such images with local authorities where relevant.
Where we share personal information with third parties, where possible, we generally have contracts in place with such third parties, which ensures that they will protect your personal information and not use it for any purposes beyond delivering their services to us.
8. How long we retain your personal information for
The length of time that we retain your personal information for varies, according to the type of individual whose personal information we have collected, and what this is being used for:
|Type of individual||Applicable retention period|
For the duration of the contract between us plus 6 years.
|Individual customers||For the duration of the sale of goods, properties or services plus warranty periods or six years, whichever is greater.|
|Claimants||Until the claim is resolved|
|Personal information in CCTV recordings and telephone call recordings|
28 days unless we have reasonable grounds to consider that we may need to retain the information for longer, for instance if it contains evidence relating to a potential legal claim or criminal act.
|Images from body worn cameras||3 months unless we have reasonable grounds to consider that we may need to retain the information for longer, for instance if it contains evidence relating to a potential legal claim or criminal act.|
|Images from highway video recordings|
For the duration of the contract between us and the client plus 6 years.
|Our advisors and other third party suppliers|
For the duration of the contract between us and such third parties plus 6 years.
2 years, unless there are reasonable grounds for longer retention.
9. Transfers of your personal information
Unless you request us to do so, we will not actively transfer your personal information outside the European Economic Area (EEA), it will be stored on servers based in the United Kingdom. If you use an email service provider whose servers are based outside of the EEA then please note that any related transfer of your personal information is outside of our control.
10. Legal grounds for processing your personal information.
Every use that we make of your information must meet a legal ground in the list set out by data protection law. The legal grounds which we rely on are as follows:
- Dealing with claims: When we handle personal information in relating to public liability or other claims that are brought directly against us, the legal grounds which we rely on are as follows:
- When this involves handling medical details – the establishment, exercise or defence of a legal claim.
- Where we are subject to liability claims on behalf of a child or other vulnerable person – we will always seek to obtain the explicit consent of their parent or legal guardian or independent advocate, as appropriate, before processing personal information relating to the child or vulnerable person.
- Generally for other personal data – to achieve our legitimate business interests, in a situation where your rights are not jeopardised so as to override this. Our legitimate interests would be to defend ourselves from a claim.
- CCTV and use of body worn cameras – the legal grounds which we rely on are as follows:
- Where the images are just of people’s faces, bodies’, cars, clothing etc., then the legal ground we rely on is that such use is necessary to achieve our legitimate business interests, in a situation where your rights are not jeopardised to as to override our interests. The specific legitimate interests are for security reasons, to protect our staff, offices, assets and sites from vandalism and theft and other criminal acts.
- Where the images are of a more sensitive nature, for example body worn video may occasionally capture images and sounds – our justification for recording such images are where relevant:
- that the personal information is manifestly made public by the individual; or
- that we will need to collect, use and retain such information for the establishment, exercise or defence of a legal claim.
- Marketing – where we do send marketing communications to clients and /or potential clients, we will only do so if we have first obtained their prior consent to receiving such marketing communications.
- enabling us to provide effective communications with our clients, advisors, suppliers and where applicable members of the general public;
- managing accounts and relationships with clients and third party suppliers;
- to operate our services efficiently and effectively; and
- to protect our assets and our staff.
11. Your rights in relation to your personal information
If you have any questions in relation to our use of your personal information, you should first contact us using the contact details in paragraph 10 below. Under certain conditions, you may have the right to:
- require us to provide you with further details on the use we make of your personal information;
- require us to provide you with an electronic copy of personal information that you have provided to us;
- require us to update any inaccuracies in the personal information we hold;
- require us to transfer a copy of your personal information to another data controller, in a structured, machine readable and commonly used format;
- require us to delete any personal information that we no longer have a lawful ground to use;
- require us to restrict our use of your personal information;
- where the processing of your personal information is based on us receiving your consent, the right to withdraw your consent at any time;
- if we indicate that we use your personal information for direct marketing purposes , a right to object to receiving any further direct marketing from us at any time;
- complain to the Information Commissioner at any time;
- Your exercise of these rights is subject to certain conditions and exemptions, for example to safeguard the public interest in investigating crimes, or protecting legal privilege. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.
If you are not satisfied with our use of your personal information or our response to you, you can complain to the contacts listed at paragraph 10 below.
12. Other Information
We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to your personal information, by contacting us as set out below.
We are required to employ adequate technical and organisational security measures to protect your personal information from any loss, destruction, damage or unlawful disclosure. However, no transmission of personal information can ever be guaranteed as secure. Consequently, please note that we cannot guarantee the security of any personal information which you transfer to us or which we transfer to you.
If you would like further information about the matters set out in this policy, please contact the Nominated Person, contact details below.
- Shaun Hastings, Group Director
- Keith Gold, Business Standards Director
- Jessica Owen, Financial Controller and
- Ben Rattigan, Group IT Manager
All based at Fastflow Group Limited, 11 & 12 Parsons Road, Parsons Industrial Estate, Washington, Tyne & Wear, telephone 0191 4157744