User Privacy Policy

 
Privacy and Security Policy: This policy will be accessible by all users of the Services via a link and is subject to review throughout the contract.

About this Policy:

SWT Software Ltd (“Shopworks”) are committed to ensuring and protecting your privacy and the privacy of your staff data at any time you are using our Services, whether through our Software Product, our website or other device or application, and when you and your staff communicate electronically with us. Our Privacy and Security Policy is contained below and provides a detailed explanation as to how we may use your or your staff’s personal information provided to us or any we collect through legal means.

Shopworks will notify you of any changes to this Privacy Policy.

Key Definitions in our Policy:

"Personal data" means any recorded information we hold about a person from which they can be identified. It may include contact details, and other personal information.

"Processing" means doing anything with the data, such as accessing, disclosing, destroying or using the data in any way.

Our Key Data Protection Principles:

We recognise the need to treat personal data in an appropriate and lawful manner. We will comply with the data protection principles in the Data Protection Act 1998 as updated and by the General Data Protection Regulation (EU2016/679) (Data Protection Legislation), which say that personal data must be:

• Processed lawfully, fairly and in a transparent manner;

• Processed for limited purposes and in an appropriate way;
• Adequate, relevant and not excessive for the purpose for which it is processed;

• Accurate and kept up to date;

• Kept no longer than is necessary for the purpose;

• Processed in a manner which ensures appropriate security to prevent against accidental loss, destruction or damage.
We will also ensure that any processing of personal data will be in line with the rights of the individual. We have set out these rights in more detail below.
 
How We Will Collect and Use Personal Data:

Our Software Product provides a workforce management system. In order to use and receive the full benefit of our Software Product and/or our related services, personal data will need to be uploaded and will be collected and processed. The Software cannot be used / will be ineffective without this information.

The information we will collect will include information provided to us by our clients and their staff, and may include a person’s name, address, scheduled working hours and hours worked, rates of pay, and encrypted biometric information so that each user can be accurately identified. 

When accessing our Software Product and/or our system via our website or other device or application, we may also collect traffic data, weblogs, location data and other information that is submitted through the use of our system and/or our website or related applications.

Fair and Lawful Processing

It is necessary for us to process this personal data in order for us to operate the Software Product and to perform our obligations to you as part of our contract for services. We will process personal data where you have given your consent or where the processing is necessary to comply with our legal obligations and for our legitimate interests or the legitimate interests of others.

Processing for Limited Purposes

Our Software Product operates so that our clients and their staff can access the platform and manage their working hours and payroll. The Software Product also assists our clients to monitor levels of pay, staff holidays, pension contribution and working hours to assist with compliance with laws and regulations.

We will only process personal data for the specific purpose of effectively operating our Software Platform and to provide the related services, and to let you know about any changes to our Software Product or our Services.

We may also process personal data in order to provide information about other goods and services we offer that are similar to those already purchased or enquired about. We do not share your personal data with third parties for this purpose.

We may also use personal data to ensure that our Software Product and/or our website or application is presented and operates in the most efficient manner for the computer or device accessing it.

If we need to process personal data for any other reason we will notify you, unless otherwise permitted by the Data Protection Legislation.

Adequate, Relevant and Non-excessive Processing

Personal data will only be processed to the extent that it is necessary for the specific purposes set out in the policy or as otherwise notified to you.

Accurate Data

We will keep the personal data we store accurate and up to date. Data that is inaccurate or out of date will be destroyed. Please notify us if personal details change or if you become aware of any inaccuracies in the personal data we hold about you or your staff.

Data Retention

We will not keep personal data for longer than is necessary for the purpose for which we are processing it. This means that data will be destroyed or erased from our systems when it is no longer required.

Processing in Line With Individuals’ Rights

All Individuals have the right to:

• Be informed about the personal data we hold about them and why we are processing it;

• Request access to any personal data we hold about them;

• Request inaccurate data is amended and updated;

• Request the personal data is erased or restrict processing of that data;
• Object to processing of personal data and to prevent the processing of data for direct-marketing purposes;

• Prevent processing that is likely to cause unwarranted substantial damage or distress;

• Object to any decision being taken solely by a computer or other automated process.

Data Security and Storage

We will ensure that appropriate measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data.

We have in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We will only transfer personal data to a third party if such party agrees to comply with those procedures and policies, or has in place alternative adequate measures.

The data that we collect from you will be transferred to, and stored at, a destination inside the European Economic Area. If at any time we are required to transfer your personal data outside of the European Economic Area we will take necessary steps to ensure that your data is treated securely and in accordance with the Data Protection Legislation. 

Maintaining data security means guaranteeing the confidentiality, integrity and availability (for authorised purposes) of the personal data.

All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Software Product, our website or application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Providing Information to Third Parties

We will not disclose your personal data to a third party without your consent unless we are satisfied that they are legally entitled to the data. In the event we sell any business or assets, we may need to disclose personal data to the prospective buyer of such assets. Where we do disclose your personal data to a third party, we will have regard to the requirements of the Data Protection Legislation.

You agree that we have the right to share personal data with any member of our group including our subsidiaries and ultimate holding company and its subsidiaries (within the meaning of section 1159 of the Companies Act 2006). 

Use of Cookies

Circumstances may arise when we may need to gather information about your computer to help provide appropriate services or products to you. The data gathered is solely statistical data which will not be shared with anyone.

Cookies are used to collect general online usage by using a cookie file. If used, this cookie file is downloaded without prompting. It will be placed on your hard drive with information transferred to the hard drive allowing the cookies to be used for data collection.

Any computer or device has the option to decline cookies. Your web browser options including an ‘enable’ button to decline cookies. If you decline the use of cookies you may be limiting your access to sections of our Software Product and/or our website or application.

Contacting us:

We welcome and hope you do not hesitate to make any queries or comments or requests regarding this Privacy and Security Policy. To do so, please contact us at accounts@theshopworks.com.