Privacy policy
Employees are required at all times during their employment to comply with the provisions of the General Data Protection Regulation (GDPR) and with any policy introduced by the organisation to comply with the Act. The employee consents to the processing by the organisation or any associated company of personal data relating to him/her as necessary for the performance of the employee's contract of employment and/or the conduct of the organisation's business.
Without prejudice to the generality of the foregoing, the employee explicitly consents to the organisation processing any sensitive personal data relating to the employee, including any self-certificates, doctors' certificates, medical reports, details of trade union membership and details of criminal convictions as necessary for the performance of the employee's contract and/or the conduct of the organisation's business.
Where the employee is informed that particular confidential information as defined above may not be disclosed to anyone within the organisation other than certain other named employees, the employee shall ensure that he/she abides by such a requirement. In particular, the employee shall take all security precautions required by the organisation or any third party that has contracted with the organisation and may have imposed contractual restrictions on the organisation and the employees within the organisation to whom the information may be disclosed. No employee should make assumptions about sharing of confidential information with other employees. If in doubt, the employee should consult his/her line manager.