Fortem Solutions Limited and its subsidiaries Fortem Energy Services Limited and Fortem 4Life Limited (”We” and “Us”) are committed to protecting and respecting privacy.
We operate separate Privacy Policies in relation to the way that we use information about our Candidates and our Supply Chain and these can be viewed at www.fortem.co.uk/privacy-policy. Information about how we use information about our employees is available internally.
If we are providing services to you direct, and not on behalf of a property owner, then we are “data controller”. This means that we are responsible for deciding how we hold and use personal information.
The information we hold about customers
We only hold enough information about our Customers to enable us to carry out services for them. This includes name, address and contact details of our Customers together with information about the property or the work required, together with any additional information that we need to know about which can include pastoral, behavioural or special needs of Customers to ensure that their needs are met and to support the safeguarding of our Customers and our employees and contractors.
If services are being provided to you in connection with energy efficiency funding or through a Green Deal arrangement then we may need to obtain information about your past and future energy usage, utility provider and utility costs.
If you are participating in one of our community activities then we will only collect enough information to enable you to participate, for example to make sure that it is safe for you to participate, or if we are providing you with life skills we may need to know further information about you so that you can make the most of the experience.
How is information collected?
Information is collected from the following sources:
- from a property owner, landlord or local authority to whom we provide services to
- when you contact one of our call centres to register a repair
- when you speak to one of our employees visiting you in your home or in your community
- when you speak to us to arrange an appointment or to progress the services that we are providing to you
- via smartphone/tablet applications and/or web portals (which may utilise video streaming, picture sharing, voice recognition and digital dictation technology)
- when you submit information to us via our website, a web portal or by e-mailing us
- by completing a personal details form because you are interested in receiving a service from us or because you want to participate in one of our community activities
How will we use information about our customers
We will use the information that we have about you to:
- provide and plan the services that you or the owner of your property has asked us to provide;
- make sure that we are allocating appropriate resources to you to meet your particular requirements – for example if we think that you (or anyone in your household) might need extra care (because of age, health, disability), we may record this;
- help provide and improve our services and products;
- create statistics, test our computer systems, and analyse customer information;
- report our performance to the owner of the property;
- to record a database of property details such as the archetype and condition of housing stock and fixtures, fittings and equipment;
- to handle any complaints that you may have about our service;
- help prevent and detect debt, fraud and loss;
- train our staff;
- get in touch with you about the services that we have been asked to provide. That could be by email, phone, text, multimedia message or another form of electronic communication – for example we may send you notification of an appointment by text or phone to confirm an appointment;
- ask for your feedback about the services that we have provided to you;
- to report any safeguarding issues to the relevant authorities;
If you give us information on behalf of someone else, such as someone in your household, you are confirming that you have given them the information in this policy, and that they have agreed to you giving us the information.
We monitor and record any communications we have with you, like phone conversations and emails. This is just to make sure we are providing you and the property owner with a good service and that we are meeting our regulatory and legal responsibilities.
It may be necessary for us to provide information about you to our Associated Companies, to the owner of your property, or to regulatory authorities if we are required to do so by law. We will do this:>
- to provide you with the services that you or the property owner has asked us, which might include giving information to members of your family or household
- in connection with our agreement with the owner of your property
- in connection with an agreement with you
- to demonstrate that energy efficiency or Green Deal funding conditions have been met
- to relevant public authorities or utility companies e.g. gas and electricity companies;
- to help find and prevent debt, fraud or loss
- for legal or regulatory purposes;
- for any associated legal action;
- as part of government data-sharing initiatives
Sometimes we sub-contract our services to others, and it may be necessary to pass your details to our sub-contractor or suppliers for this purpose and they are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may also pass your information on to organisations that regulate us or who inspect installations for example the Health and Safety Executive or GasSafe. This may include the property address and postcode, and information about appliances that have been installed in your home.
We shall not share your personal information to third parties for marketing purposes unless you have given your written consent for us to do so.
“Associated Companies” refers to those companies belonging to the same family of companies as us and who benefit from a close relationship, shared systems and shared ownership.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to- know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will retain your personal information only for as long as is directed by the relevant Data Controller which is typically the end of our contract. Where we are the Data Controller we shall retain your personal information for as long as required in connection with the services that have been provided to you, and this will usually be as long as any guarantee that has been provided to you.
Rights of access, correction, erasure and restriction
If we are acting as a Data Processor you may need to make a request to exercise your Data Subject Rights directly to the Data Controller. However under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Data Protection Officer in writing, whose details are provided below.
Right to withdraw consent
If you have provided consent to us processing your personal information you have the right to withdraw your consent for processing for that purpose at any time.
If you talk to us over the Internet (for example by email or webmail) remember that this form of communication is not always secure. These kinds of messages may go through a number of countries before they are delivered. That is just the nature of the Internet, so we cannot accept responsibility for any unauthorised access or loss of personal information if it is beyond our control. We may use ‘cookies’ to monitor how people use
our site. A cookie is a piece of information stored on your computer's hard drive that records how you have used a website. Our cookies policy tells you more about cookies and how we use them.
Data protection officer
If you have any questions about this Candidate Privacy Notice or how we handle your personal information, please contact the Data Protection Officer whose details are as follows:
The Data Protection Officer
or email email@example.com
This policy was last updated on 01 May 2020.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.