Confidentiality, GDPR and Privacy

_CONFIDENTIALITY, GDPR AND PRIVACY
||||

SUMMARY

This guideline applies to all persons working for us or on our behalf in any capacity, including employees at all levels, directors, officers, agency workers, seconded workers, volunteers, interns, agents, contractors, external consultants, third-party representatives and business partners. This guideline does not form part of any employee’s contract of employment and it may be amended at any time.

COMMITMENTS

The Organisation has overall responsibility for ensuring this guideline complies with our legal and ethical obligations, and that all those under our control comply with it. The Organisation has primary and day-to-day responsibility for implementing this guideline, monitoring its use and effectiveness, dealing with any queries about it, and auditing internal control systems and procedures to ensure they are effective in data protection. It is the responsibility of supervision at all levels to ensure those reporting to them understand and comply with this notice and are given adequate and regular training on it and the issue of confidentiality and privacy in supply chains. You are invited to comment on this guideline and suggest ways in which it might be improved. Comments, suggestions and queries are encouraged and should be addressed to the Supervisory Board.

COMPLIANCE

You must ensure that you read, understand and comply with this guideline and all other guidelines and procedures that apply to you.

The prevention, detection and reporting breaches of confidentiality, copyright and/or privacy in any part of our business or supply chains is the responsibility of all those working for us or under our control. You are required to avoid any activity that might lead to, or suggest, a breach of this notice. You must notify your line supervisor as soon as possible if you believe or suspect that a conflict with this notice has occurred or may occur in the future. You are encouraged to raise concerns about any issue or suspicion of breach of confidentiality, copyright and/or privacy in any parts of our business or supply chains of any supplier tier at the earliest possible stage. If you believe or suspect a breach of this guideline has occurred or that it may occur, you must notify your line supervisor in accordance with our Help at Work scheme as soon as possible. You should note that where appropriate, and with the welfare and safety of local workers as a priority, we will give support and guidance to our suppliers to help them address issues relating to improper work practices pertaining to confidentiality, copyright and/or privacy in their own business and supply chains. If you are unsure about whether a particular act or working practice within any tier of our supply chains constitutes any of the various forms of confidentiality and privacy misconduct, raise it with your line supervisor. We aim to encourage openness and provide support to anyone who raises genuine concerns in good faith under this notice, even if they turn out to be mistaken. We are committed to ensuring no one suffers any detrimental treatment as a result of reporting in good faith their suspicion that confidentiality/privacy misconduct of whatever form is or may be taking place in any part of our own business or in any of our supply chains.

Detrimental treatment includes dismissal, disciplinary action, threats or other unfavourable treatment connected with raising a concern.

If you believe that you have suffered any such treatment, you should inform your line supervisor immediately. If the matter is not remedied, and you are an employee, you should raise it formally using our Grievance Procedure, which can be found in the current employee handbook.

This Confidentiality, GDPR and Privacy Protection Guideline and Statement is intended for business in all countries, especially the United Kingdom; and is brought to you by _SIEGUS®.

COMMUNICATION AND AWARENESS

Training on this, and on the risk our business faces from modern slavery in its supply chains, forms part of the induction process for all individuals who work for us, and updates will be provided using established methods of communication between the business and you. Our zero-tolerance approach to modern slavery must be communicated to all suppliers, contractors and business partners at the outset of our business relationship with them and reinforced as appropriate thereafter.

BREACH OF NOTICE

Any employee who breaches this notice shall face disciplinary action, which could result in dismissal for misconduct or gross misconduct. We may terminate our relationship with other individuals and organisations working on our behalf if they breach this notice.