Data Protection Compliance Statement
Data Protection Compliance Statement
This is a statement of Data Protection Compliance adopted by Wolf Enforcement Services for undertaking trace or trace and collect/enforce enquiries
Wolf Enforcement Services will, during such enquiries, collect and use personal information which must be dealt with properly however it is collected, recorded and used; whether on paper, in a computer, or recorded on other material.
We regard the lawful and correct treatment of personal information by the company as critical to maintaining the confidence of our clients; we, therefore, treat personal information lawfully and correctly.
To this end, we fully endorse and adhere to the Principles of Data Protection, as set out in the Data Protection Act 1998.
Specifically, the Principles require that personal information:
· Shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met
· Shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes
· Shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed
· Shall be accurate and, where necessary, kept up to date
· Shall not be kept for longer than is necessary for that purpose or those purposes
· Shall be processed in accordance with the rights of data subjects under the Act
· Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
· Shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Wolf Enforcement Services will, through appropriate management, strict application of criteria and controls:
· Observe fully the conditions regarding fair collection and use of information
· Meet its legal obligations to specify the purposes for which information is used
· Collect and process appropriate information and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
· Ensure the quality of information used
· Apply strict checks to determine the length of time information is held
· Ensure that the rights of people about whom information is held are able to be fully exercised under the Act.
· (These include: the right to be informed that processing is being undertaken, the right of access to one’s personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong information.)
· Take appropriate technical and organisational security measures to safeguard personal information
· Ensure that personal information is not transferred abroad without suitable safeguards
· There is an individual with specific responsibility for data protection within the organisation
· Everyone managing and handling personal information understands that they are contractually and legally responsible for following good data protection practice
· Everyone managing and handling personal information is appropriately trained to do so
· Everyone managing and handling personal information is appropriately supervised
· Anyone wanting to make enquiries about handling personal information knows how to do so
· Queries about handling personal information are promptly and courteously dealt with
· Methods of handling personal information are clearly described
· A regular review and audit is made of the way personal information is managed
· Methods of handling personal information are regularly assessed and evaluated
· Performance of handling personal information is regularly assessed and evaluated
Data Protection Policy for Tracing
In cases where it is appropriate and reasonable, we will profile subjects’ names through various databases to which we have access. In some circumstances, depending on the nature of the enquiry, this may leave a “footprint” under the search purpose that clients have provided to us on the subject’s credit file.
Depending on the information we obtain from these databases, we may then determine further enquiries such as obtaining telephone numbers for addresses at which we believe the subject may be located. We may also utilise other public databases and/or Registries that we feel would be of value in this enquiry (e.g. Insolvency Register, Land Registry, London Gazette etc.).
Once this research has been completed, we may then conduct enquiries by telephone at and around the locations identified. At no stage will we divulge to a third party any personal data relating to the data subject.
Whatever the instruction, we confirm that no part of our enquiry will be sub-contracted to any other agent without prior client approval. We also confirm that no information concerning the data subject
At all stages of
DATA PROTECTION POLICY 05/10/2016
Wolf Enforcement Services Ltd collects and uses information about people with whom it communicates.
This personal information must be dealt with properly and securely however it is collected, recorded and used – whether on paper, in a computer, or recorded on other material – and there are safeguards to ensure this in the Data Protection Act 1998.
Wolf Enforcement Services Ltd regards the lawful and correct treatment of personal information as very important to the successful and efficient performance of its functions, and to maintain confidence between those with whom it deals.
The purpose of this policy is to ensure that the staff, volunteers and trustees of Wolf Enforcement Services Ltd are clear about the purpose and principles of Data Protection and to ensure that it has guidelines and procedures in place which are consistently followed.
Failure to adhere to the Data Protection Act 1998 is unlawful and could result in legal action being taken against Wolf Enforcement Services Ltd or its staff, trustee and Principles
The Data Protection Act 1998 regulates the processing of information relating to living and identifiable individuals (data subjects). This includes the obtaining, holding, using or disclosing of such information, and covers computerised records as well as manual filing systems and card indexes.
Data users must comply with the data protection principles of good practice which underpin the Act. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.
To do this Wolf Enforcement Services Ltd follows the eight Data Protection Principles outlined in the Data Protection Act 1998, which are summarised below:
Personal data will be processed fairly and lawfully
Data will only be collected and used for specified purposes
III. Data will be adequate, relevant and not excessive
Data will be accurate and up to date
Data will not be held any longer than necessary
Data subject’s rights will be respected
VII. Data will be kept safe from unauthorised access, accidental loss or damage
VIII. Data will not be transferred to a country outside the European Economic Area unless that country has equivalent levels of protection for personal data.
The principles apply to “personal data” which is information held on computer or in manual filing systems from which they are identifiable. Organisation Name’s employees, volunteers and trustees who process or use any personal information in the course of their duties will ensure that these principles are followed at all times.
The following procedures have been developed in order to ensure that Wolf Enforcement Services Ltd meets its responsibilities in terms of Data Protection. For the purposes of these procedures data collected, stored and used by Wolf Enforcement Services Ltd falls into 2 broad categories:
Wolf Enforcement Services Ltd internal data records; Staff, volunteers and trustees
Organisation Name’s external data records; Members, customers, clients.
Wolf Enforcement Services Ltd as a body is a DATA CONTROLLER under the Act, and the Executive Committee is ultimately responsible for the policy’s implementation.
Internal data records
Wolf Enforcement Services Ltd obtains personal data (names, addresses, phone numbers, email addresses), application forms, and references and in some cases other documents from staff, volunteers and trustees. This data is stored and processed for the following purposes:
Equal Opportunities monitoring
To distribute relevant organisational material e.g. meeting papers
The contact details of staff, volunteers and trustees will only
and trustees. Any other information supplied on
Contact details of staff, volunteers and trustees will not be passed on to anyone outside the organisation without their explicit consent.
A copy of staff, volunteer, trustee emergency contact details will be kept in the Emergency File for Health and Safety purposes to be used in emergency situations e.g. fire/ bomb evacuations. Staff, volunteers and trustees will be supplied with a copy of their personal data held by the organisation if a request is made.
All confidential post must be opened by the addressee only.
Personal data is kept in paper-based systems and on a password-protected computer system.
Every effort is made to ensure that paper-based data are stored in organised and secure systems.
Wolf Enforcement Services Ltd operates a clear desk policy at all times.
Use of Photographs
Where practicable, Wolf Enforcement Services Ltd will seek consent from individuals before displaying photographs in which they appear. If this is not possible (for example, a large group photo), the organisation will remove any photograph if a complaint is received. This policy also applies to photographs published on the
External data records
Wolf Enforcement Services Ltd obtains personal data (such as names, addresses, and phone numbers) from members/clients. This data is obtained, stored and processed solely to assist staff and volunteers in the efficient running of services. Personal details supplied are only used to send material that is potentially useful. Most of this information is stored
Wolf Enforcement Services Ltd obtains personal data and information from clients and members in order to provide services. This data is stored and processed only for the purposes outlined in the agreement and service specification signed by the client/ member.
Personal data is collected over the phone and using other methods such as e-mail. During this initial contact, the data owner is given an explanation of how this information will be used.
Written consent is not requested as it is assumed that the consent has been granted when an individual freely gives their own details.
Personal data will not be passed on to anyone outside the organisation without explicit consent from the data owner unless there is a legal duty of disclosure under other legislation, in which case the Director will discuss and
Only the organisation’s staff, volunteers and trustees will normally have access to personal data.
All staff, volunteers and trustees are made aware of the Data Protection Policy and their obligation not to disclose personal data to anyone who is not supposed to have it.
Information supplied is kept in a secure filing, paper and electronic system and is only accessed by those individuals involved in the delivery of the service.
Information will not be passed on to anyone outside the organisation without their explicit consent, excluding statutory bodies e.g. the Inland Revenue.
Individuals will be supplied with a copy of any of their personal data held by the organisation if a request is made.
All confidential post must be opened by the addressee only.
Wolf Enforcement Services Ltd will take reasonable steps to keep personal data up to date and accurate.
Personal data will be stored for as long as the data owner/ client/ member uses our services and normally longer. Where an individual ceases to use our services and it is not deemed appropriate to keep their records, their records will be destroyed according to the schedule in Appendix B. However, unless we are specifically asked by an individual to destroy their details, we will normally keep them on file for future reference.
If a request is received from an organisation/ individual to destroy their records, we will remove their details from the database and request that all staff holding paper or electronic details
This procedure applies if Wolf Enforcement Services Ltd is informed that an organisation ceases to exist.
Use of Photographs
Where practicable, Wolf Enforcement Services Ltd will seek
Criminal Records Bureau
Wolf Enforcement Services Ltd will act in accordance with the CRB’s code of practice.
Copies of disclosures are kept for no longer than is required. In most
6 months in accordance with the CRB Code of Practice. There may be
Responsibilities of staff, volunteers and trustees
During the course of their duties with Organisation Name, staff, volunteers and trustees will be dealing with information such as names/addresses/phone numbers/e-mail addresses of members/clients/volunteers. They may be told or overhear sensitive information while working for Organisation Name. The Data Protection Act (1988) gives specific guidance on how this information should be dealt with. In
To help staff, volunteers, trustees meet the terms of the Data Protection Act; the attached Data
Protection/Confidentiality statement has been produced. Staff, volunteers and trustees are asked to read and sign this statement to say that they have understood their responsibilities as part of the induction programme.
Compliance with the Act is the responsibility of all staff, paid or unpaid. Wolf Enforcement Services Ltd will
regard any unlawful breach of any provision of the Act by any staff, paid or unpaid, as a serious matter which will result in disciplinary action. Any employee who breaches this policy statement will be dealt with under the disciplinary procedure which may result in dismissal for gross misconduct. Any such breach could also lead to criminal prosecution.
Any questions or concerns about the interpretation or operation of this policy statement should in the first instance be referred to the line manager.
Retention of Data
No documents will be stored for longer than is necessary. For guidelines on retention periods
see the Data Retention Schedule.
All documents containing personal data will be disposed of securely in accordance with the Data Protection principles.
Subject Data Requests may be made by writing to
The Data Protection Officer
Wolf Enforcement Services Ltd
PO Box 3702
Please enclose a cheque for £10.00 made payable to Wolf Enforcement Services Ltd
Data Retention Schedule
Letters to/from 3rd Party on behalf of Client
|6 Months from Close of Case|
Emails to/from 3rd Party on behalf of Client
|6 Months from Close of Case|
3rd Party information to
(Trace Results, Copy Letters)
|6 Months from Close|
|12 Months from Close|
Letters sent via Template form (WES Database)
Letter before Action
Notice of Enforcement
Stage 1,2,3 B2B Debt Collection
|Copy to be kept for 6 months any request after deletion to supply
|2 years after final case close from Client|
|Body Worn Camera Footage||Please See BWC Data Protection Policy|
Policy updated on 05/10/2016 to reflect change to Postal Address to PO Box 3702