Subject Access Policy
Subject Access - GDPR
1.1 Protecting personal data is very important. Whether it belongs to employees or individuals we work with we take our responsibilities very seriously.
1.2 Any individual that we hold data on is a ‘Data Subject’. Data Subjects have the right to request access to their personal data, ask for amendments to be made to it and for it to be deleted. Further information about those rights along with the right to withdraw any consent that has been given to Barker Ross, can be found in our data protection policy. That policy also includes who to speak with if individuals have any queries about our approach to processing personal data.
1.3 Data Subjects can ask us for a copy of the personal data that we hold on by writing to The Data Protection Officer, Barker Ross Group, Mercury Place, 11 St George Street, Leicester, LE1 1QG, or via e mail at email@example.com
1.4 We will ask the Data Subject for copies of two types of approved identity in order to process the request (such as a passport and driving licence). Data Subjects can also ask us to make corrections to data that are considered to be inaccurate by writing to The Data Protection Officer.
1.5 We will contact the Data Subject to confirm the information that they wish to receive / have access to.
1.6 Barker Ross will provide the information requested within 28 days of receiving the request from the Data Subject.
1.7 Where we deem that the information that has been asked for is excessive, we will clarify what it is required. We can make a charge for this information but will inform the Data Subject of this before proceeding with any collation of data.
1.8 In line with GDPR Data Subjects can ask for the following: For a copy of the personal data that we hold on the individual between two dates. For a copy of the personal data that we hold on the individual relating to a specific role.
1.9 A Subject Access request can also be used for us to confirm what data we hold and process on the Data Subject, a description of the personal data that we hold, the reasons it is being processed and whether it is shared with anyone, to understand from whom we secured personal data, to understand how long we keep personal data, to understand the Data Subjects’ rights to have personal data deleted, corrected or no longer processed. Any information provided will have the personal data of third parties deleted.
1.10 Not all personal data can be shared as part of a Subject Access Request. It cannot be provided where it contains a confidential reference given for employment purposes.
1.11 Where we consider a request excessive we are able to charge a reasonable fee taking into account our administrative costs. Any fee must be paid within seven days to confirm that the subject access request be completed.
1.12 If you wish to discuss any element of this policy please contact the Data Protection Officer at Barker Ross Group, Mercury Place, 11 St George Street, Leicester, LE1 1QG, or e mail firstname.lastname@example.org