Data Protection and Personal Data Policy

MRL^® POLICY

Data Protection and
Personal Data Policy

Data Protection

MRL^® Public Sector Consultants Ltd (MRL ) policy on Data Protection and Personal Data is outlined below.

The rules for processing personal information, and it applies to paper records as well as those held on computer. The General Data Protection Regulation (GDPR) gives individuals certain rights, and imposes obligations on those who record and use personal information to be open about how information is used and to follow six data protection principles.

Personal data must be processed so that data are:

In the course of inputting personal details into the company’s database, and whenever a Mifare controlled door is activated, certain information is recorded. This information will be used only for safety and security reasons unless the company, i.e., MRL®, is required to make a disclosure on legal grounds.

Personal Data

MRL^® holds personal data on members of staﬀ, associates, and contractors. The data collected is necessary for compliance with employment law and the administration of an individual’s employment contract, irrespective of the country’s jurisdiction.

The information is used for a full range of staﬀ, contractor(s) and associate(s) administration including: to establish an employee’s training and development requirements; to assess an individual’s qualifications and suitability, including state of health, for a particular job or task; to gather further evidence where there is a prima facie case for disciplinary action; to administer the payroll and pension scheme; to pay fees, to establish a contact point in the case of an emergency (e.g. next of kin).

The information is also used, in aggregate and anonymised form, to monitor staﬀ vacancies and/ or available assignment positions and to check that no discrimination is taking place, and to enable MRL^® to take active steps to bring about fair treatment for all.

MRL^® POLICY