Privacy Notice & Cookie Policy

Privacy Notice

1. What is the purpose of this document?

1.1. Sir Robert McAlpine (SRM, or ‘we’, ‘our’, ‘us’) is committed to protecting and respecting your privacy and personal data. This privacy notice will inform you as to how we look after your personal data when we process it for specified purposes. and tell you about your privacy rights and how the law protects you.

1.2. Please read this notice carefully before you contact us, as it applies to any activity within our organisation which involves the processing (collection, use, storage, deletion) of your personal data, to ensure that you are informed as to how and why we are using your data. We recommend that you save a link to this notice, for future reference.

2. Who we are

2.1. Sir Robert McAlpine Limited (the data controller) is responsible for your personal data, where we process it for our purposes. We are registered in England and Wales under company number 00566823 and our registered office is at Eaton Court, Maylands Avenue, Hemel Hempstead HP2 7TR.

3. What kinds of data do we process?

3.1.1. Personal data, or personal information, means any information relating to an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). As part of our ability to operate effectively and in line with specific legal requirements we may process different kinds of personal data about you, for multiple purposes, for example marketing, employment, health and safety purposes and access to our physical and digital environments. Common types of personal data we process have been grouped together as follows (not all of these will occur/apply in every instance), nor is this an exhaustive list of data types being processed:

  • Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender, national insurance number, unique tax reference numbers.
  • Contact Data includes home and/or work address, next of kin details for emergencies, email address and telephone numbers.
  • Financial Data includes bank account and sort codes.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our systems.
  • Usage Data includes information about how you use systems.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

3.1.2. We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

3.1.3. We may process Special Categories of Personal Data about you for very limited and controlled purposes (this may include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). All such activities within the organisation which undertake this type of processing shall adhere to our internal privacy policy on the proper use and handling of this type of data. This data will only ever be collected were there is a genuine need to do so, and data subjects are aware of such processing. It will only be kept in accordance with UK data protection legislation.

4. How do we process data?

4.1. We use different methods to process data about you, depending on the specific purpose.

4.1.1 You may provide us personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • apply for a job;
  • employment purposes
  • access to our environments
  • provided an account on our systems;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us some feedback.

5. How will we use your data?

5.1. We will only use your personal data when the law allows us to, and when we have a specified purpose to do so. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform a contract, we are about to enter into or have entered into with you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
  • Where we need to comply with a legal or regulatory obligation.

5.1.2 Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

5.1.3 We maintain a register of processing activities within the organisation which is a legal requirement to record the specific purposes of our data processing activities, and which of the legal basis we rely on to do so. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

6. Change of purpose

6.1. We will only use your personal data for the purposes for which we process it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

6.2. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

7. Disclosures of your personal data

7.1. We may have to share your personal data with other SRM group companies, external third parties including service providers, contract partners, advisors, or HMRC. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers (data processors) to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

8. International transfers

8.1. As data controllers we do not transfer your personal data outside the European Economic Area (EEA). Where a data processor working on our behalf processes outside this boundaries we ensure that appropriate safeguards and/adequacy decisions apply to such jurisdictions.  

9. Data security

9.1 We put in place appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instruction, and they are subject to a duty of confidentiality.

10. Data retention - How long will SRM use your personal data for?

10.1. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, contractual, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

12. Your legal rights

12.1. Under certain circumstances, you have rights under data protection laws in relation to your personal data. You can:

  • Request access to your personal data (make a subject access request);
  • Request correction of your personal data if you feel it is inaccurate.
  • Request erasure of your personal data;
  • Object to the processing of your personal data;
  • Request restriction of processing your personal data;
  • Request the transfer of your personal data;
  • Withdraw your consent to the processing of your personal data.

If you wish to exercise any of the above rights, please contact us. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is repetitive, or excessive. Alternatively, we may refuse to comply with your request if we believe your request is manifestly unfounded.

12.2. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

12.3. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

13. What happens if we make changes to this notice?

13.1. We may revise this notice at any time by amending this page. Please check this page from time to time to take notice of any changes we made.

13.2. We may update our sites from time to time and may change the content at any time. However, please note that any of the content on our sites may be out of date at any given time. We do not guarantee that our sites, or any content on it, will be free from errors or omissions.

14. Applicable law

14.1. If you are a data subject, please note that this notice and terms of use, their subject matter and its formation, are governed by UK Data Protection laws.

15. Contact us

15.1. We have appointed a data protection champion who is responsible for overseeing questions in relation to this notice. If you have any questions about the processing of your personal data, including any requests to exercise your data protection rights, please contact the data protection champion using the details set out below, alternatively click here to use our automated system for subject rights requests.

Contact details –
Data Protection Champion
data.protection@srm.com
Sir Robert McAlpine Limited, Eaton Court, Maylands Avenue, Hemel Hempstead, Herts, HP2 7TR

15.1.2. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO: please contact us in the first instance. 

 

 

Cookie Statement

Use of cookies by Sir Robert McAlpine Ltd.

1. What are cookies

  • Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. This document explains the cookies we use and why.
  • As you interact with our site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.

2. Why we use cookies

  • Our sites use cookies to distinguish you from other users of our sites. This helps us to provide you with a good experience when you browse our sites and also allow us to improve our sites. By continuing to browse the sites, you are agreeing to our use of cookies, those which were agreed to within the cookie banner when you first visited our site.
  • We use these cookies for the purposes of data analytics to improve our websites, products/services, marketing, customer relationships and experiences. This is necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

3. What cookies we use

  • Strictly necessary cookies. These are cookies that are required for the operation of our sites. They include, for example, cookies that enable you to log into secure areas of our sites, or make use of e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our sites when they are using them. This helps us to improve the way our sites work, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our sites. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record your visit to our sites, the pages you have visited and the links you have followed. We use this information to make our sites and the advertising displayed, more relevant to your interests. We may also share this information with third parties for this purpose.

 

4. Cookie control

Your decision to use this site, and the choices you make within our cookie banner when you first visit our site control/limit the cookies we use.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our sites may become inaccessible or not function properly.

Please note that third parties (including, for example providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

Except for essential cookies, all cookies will expire after 14 days (some will expire sooner).

 

5. Contact us

5.1. To contact us, please email digital@srm.com.