Privacy Policies

  • Privacy Policy

    CedarScotland Limited

    April 2018

    This privacy statement is designed to tell you about our practices regarding the collection, use and disclosure of information held by CedarScotland Limited. Please be sure to read this information carefully before providing personal information to us.

    On the 25th May 2018 new legislation on Data Protection enters into force – The General Data Protection Regulations 2018 – “GDPR”. This new legislation is a European-wide ruling to protect the way in which Companies across Europe hold and use your personal information. There are 6 guiding principles underpinning the legislation:

    Personal Data shall be processed lawfully, fairly and in a transparent manner in relation to individuals

    At CedarScotland we process data about our clients; prospective clients who we believe would be interested in our services; employees; and companies that we work with to provide our services – these could include contracted services, such as IT services, advertising, or suppliers of goods and services procured by CedarScotland either for our use, or for that of our clients.

    Where CedarScotland processes data about clients, employees or companies that we work with, we do so to fulfil contractual obligations or to take pre-contractual steps. We will process the personal data under consent.

    CedarScotland also gathers information for marketing purposes from a variety of sources under the principle of Legitimate Interest. The sources are not limited to but may include enquiries at professional events; referrals from colleagues or other professional connections; LinkedIn; web sites; purchased marketing lists; directories; delegate lists from professional events; and Lead Forensics via the CedarScotland website. Consent will be sought to send marketing information to individuals where the products and services of CedarScotland may be of interest.

    Information about our Employees is processed by us under the principle of consent to administer payroll and other employee benefits such as pension and healthcare.

    Personal Data shall be collected for specified, explicit and legitimate reasons and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be incompatible with the initial purposes

    CedarScotland will only process personal data where:
    • We believe there is a legitimate interest in the services offered by CedarScotland
    • To fulfil contractual or pre-contractual obligations with regards to the services provided by CedarScotland Limited
    • To fulfil our legal obligations in the processing of employee data

    The personal data collected will be relevant to the relationship between that individual and CedarScotland Limited, and only data relevant to the relationship will be processed. Please see further information below relating to the different data that may be held in different circumstances.

    Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

    To fulfil contractual or pre-contractual steps, it is necessary for CedarScotland to hold personal information about our clients. This information will be:

    Organisation address contact information (email, telephone, website), site and location information.

    Key contacts involved in the delivery of the CedarScotland Service – name, job title, location, email address, telephone numbers and responsibility / involvement with CedarScotland.

    For potential customers of CedarScotland Limited, only those organisations or individuals where we believe there is a legitimate interest will be contact by CedarScotland staff to discuss or present the services offered by the Company. CedarScotland will collect personal information via a variety of sources as outlined in 1. Above, and the data gathered will be:

    Name, Job Title, Employer / organisation, Address of the organisation, Department, Website, Telephone number, Email address

    CedarScotland will also retain emails to and from our clients and prospective clients where that information is relevant to the services provided by CedarScotland.

    CedarScotland maintains a client relationship manager database and information relating to conversations, emails and telephone calls pertaining to the services offered by CedarScotland shall be recorded in the database.

    Signed copies of contracts received from customers shall be retained and stored securely.

    Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay

    Where a key contact leaves the employment of a contracting organisation, CedarScotland shall remove the individuals name, email address, job title and telephone number from the records held in the client relationship manager database and from other forms of electronically held data, unless that individual has requested that we maintain this information for future use. Any emails and requests from that individual will be maintained within the organisation record for the duration of the contract and for the 7 following years after the contract has ended to ensure that all relevant information pertaining to the contract is held in full.

    When CedarScotland is informed by a contracting organisation of a change in personnel, the information held will be updated / amended / deleted as appropriate. If the individual is a designated user of the CedarScotland software, their user profile will be deleted.

    Where CedarScotland Limited is notified of any changes to personnel within potential organisations, suppliers or other third-party organisations the changes shall be updated / amended or deleted as appropriate.

    Changes shall be made across all relevant systems without delay and within a period of 28 days.

    Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals

    For existing customers utilising the services from CedarScotland Limited, the relevant and necessary personal information shall be kept for the duration of the contract and for a period no longer than 7 years after the cessation of the contract. At this point, all personal information shall be deleted or destroyed securely.

    Where CedarScotland has relationships with other external suppliers, the personal data shall be kept for the duration of the professional relationship or until we are notified of a change to personnel by the partnering company.

    For potential customers, information shall be retained to send information regarding the products and services offered by CedarScotland. Where an individual confirms that the information is not of interest or not relevant to their organisation, the personal information shall be removed from the organisations record. This information may be stored on the client relationship manager system in use by CedarScotland staff, on mobile phones and within the email system used by CedarScotland employees.

    Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

    CedarScotland employs the services of  DTAccounting Limited for it’s Accounting

    CedarScotland accepts the responsibilities for managing its own GDPA and that off CCMS and RCCM that go with this role, which has been contractually defined. The relevant steps have been undertaken by CedarScotland Limited the parent company, to verify the security arrangements of all three organisations.

    Where information is held by letter or other manual means, such as but not limited to contracts, this information will be held at the CEO’s office in a secure environment (lockable cabinet in a lockable office), and only accessible to the relevant employees of CedarScotland Limited, CCMS and RCCM. Copies of manually held information is available to individuals by sending a request to info@cedarscotland.co.uk CedarScotland will comply with any requests for copies of information held within 1 month of receipt.

    From time to time it may be necessary for personal information and requests from individuals to be noted manually. Any information will, at the first opportunity, be updated on the client relationship manager database and the paper copy of the information destroyed securely.

    Personal information may be held on CedarScotland Limited employee’s mobile phones, tablets and laptops / pc’s, used only in their specific role at CedarScotland Limited, and always within the EU. CedarScotland employees are not permitted to take company property away on holiday.

    It is company policy that all employees utilising electronic equipment outside of the CEO office must adhere to the following rules:

    • User names and passwords for devices and software must not be shared with any other colleague or person
      • Devices must be secured by password or PIN when not in use
      • Devices should not be left unattended when turned on
      • Devices must not be taken out of the UK unless on business within the EU. Devices must never be taken outside of the EU
      • Devices must be shut down and left in a secure place when not in use
      • When employees are on annual leave, devices must be placed out of plain sight within their residence and turned off

    All individuals have a right to request access to the information that CedarScotland Limited currently holds, and they can do this by sending a request to london@inhousemanager.com. The requested information will be supplied within 1 month of the request and is free of charge.

    All individuals have the right to have their personal data rectified if the information being used is incorrect. They can do this by sending a request to info@cedarscotland.co.uk. The information will be authenticated and corrected within 1 month of the request.

    All individuals have the right to request that their personal information be erased. In some circumstances it may not be possible for CedarScotland to comply with the request in full, where historical information is required for the fulfilment of a contract. If this is the case, we will tell you.

    All individuals have the right to restrict how we use their personal information. For requests please email info@cedrscotland.co.uk with specific information as to the restrictions required.

    Where an individual request the right to port their data to another provider, CedarScotland will provide the information required in a CSV format and will provide this information within 1 month of the request being received. Where a large amount of data is required, CedarScotland may extend this notice period by a further 2 months. In this scenario, CedarScotland will confirm without delay, and within 1 month, of the reasons for the extension. This extension option will be used where a large amount of data, or multiple requests are received, and will only opt for an extension where necessary.
    All individuals have the right to object to the way in which their personal data is processed. All communications will include the option for an individual to report their objection to CedarScotland,
    by emailing info@cedarscotland.co.uk On receipt of an objection, CedarScotland will stop processing the data unless it can demonstrate compelling legitimate grounds for the processing, which overrise
    the interests, rights and freedoms of the individual; or the processing is for the establishment, exercise or defence of legal claims. Any objections will be dealt with free of charge.
    Rights relating to automated decision making including profiling: CedarScotland Limited does not engage in automated decision making or profiling in any of its activities.

    Additional Information relating to the website www.cedarscotland.co.uk

    CedarScotland Limited operates a website which offers the opportunity for visitors to request more information by completing an online enquiry form. Where an individual offers their personal data by completing this form they are giving permission for a member of CedarScotland staff to contact them using the contact information provided via the enquiry form to respond to the enquiry. Information provided via the website will be entered on to the client relationship manager database system for the purposes of communicating, tracking and servicing enquiries. The information provided is sent securely via electronic means from the website to a CedarScotland Limited employee.

    We reserve the right to use cookies to improve the experience of using the website. Cookies are small files that the site places on your hard drive for identification purposes. You should note that cookies cannot read data off your hard drive. Your web browser may allow you to be notified when you are receiving a cookie, giving you the choice to accept it or not. By not accepting cookies, some pages may not fully function, and you may not be able to access certain information on the site.

    CedarScotland Limited also collects domain information as part of its analysis of the use of the site. This data enables us to become more familiar with which customers visit our site, how often they visit, and what parts of the site they visit most often. CedarScotland Limited uses this information to improve its commercial offerings. This information is collected automatically and required no action on your part.

    CedarScotland also employs the services of PMG, a third part service to notify CedarScotland Limited employees of organisations who visit www.cedarscotland.co.uk. Information about visiting organisations is then used by CedarScotland Limited employees to contact the organisation to discuss the information viewed and to offer further information or advice. The PMG service offers access to names and job titles of key decision makes in organisations and for an additional fee, the email addresses of those individuals. CedarScotland Limited does not purchase email address information of visitors to the website but may use the information regarding the names of key individuals to ascertain whether there is an interest in the services and products provided by CedarScotland Limited.

    Where www.cedarscotland.co.uk contains links to other websites, CedarScotland Limited is not responsible for the privacy practices or content of other such sites. We encourage users to read the privacy statements on each site they link to that may collect personal data.

  • Privacy Policy

    Cedar Catering Management Support Limited

    April 2018

    This privacy statement is designed to tell you about our practices regarding the collection, use and disclosure of information held by Cedar Catering Management Support Limited. Please be sure to read this information carefully before providing personal information to us.

    On the 25th May 2018 new legislation on Data Protection enters into force – The General Data Protection Regulations 2018 – “GDPR”. This new legislation is a European-wide ruling to protect the way in which Companies across Europe hold and use your personal information. There are 6 guiding principles underpinning the legislation:

    Personal Data shall be processed lawfully, fairly and in a transparent manner in relation to individuals

    At Cedar we process data about our clients; prospective clients who we believe would be interested in our services; employees; and companies that we work with to provide our services – these could include contracted services, such as IT services, advertising, or suppliers of goods and services procured by Cedar either for our use, or for that of our clients.

    Where Cedar processes data about clients, employees or companies that we work with, we do so to fulfil contractual obligations or to take pre-contractual steps. We will process the personal data under consent.

    Cedar also gathers information for marketing purposes from a variety of sources under the principle of Legitimate Interest. The sources are not limited to but may include enquiries at professional events; referrals from colleagues or other professional connections; LinkedIn; web sites; purchased marketing lists; directories; delegate lists from professional events; and Lead Forensics via the Cedar website. Consent will be sought to send marketing information to individuals where the products and services of Cedar may be of interest.

    Information about our Employees is processed by us under the principle of consent to administer payroll and other employee benefits such as pension and healthcare.

    Personal Data shall be collected for specified, explicit and legitimate reasons and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be incompatible with the initial purposes

    Cedar will only process personal data where:

    • We believe there is a legitimate interest in the services offered by Cedar
      • To fulfil contractual or pre-contractual obligations with regards to the services provided by Cedar.
      • To fulfil our legal obligations in the processing of employee data

    The personal data collected will be relevant to the relationship between that individual and Cedar, and only data relevant to the relationship will be processed. Please see further information below relating to the different data that may be held in different circumstances.

    Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

    To fulfil contractual or pre-contractual steps, it is necessary for CedarScotland to hold personal information about our clients. This information will be:

    Organisation address contact information (email, telephone, website), site and location information.

    Key contacts involved in the delivery of the Cedar Service – name, job title, location, email address, telephone numbers and responsibility / involvement with Cedar.

    For potential customers of Cedar, only those organisations or individuals where we believe there is a legitimate interest will be contact by Cedar staff to discuss or present the services offered by the Company. Cedar will collect personal information via a variety of sources as outlined in 1. Above, and the data gathered will be:

    Name, Job Title, Employer / organisation, Address of the organisation, Department, Website, Telephone number, Email address

    Cedar will also retain emails to and from our clients and prospective clients where that information is relevant to the services provided by Cedar.

    Cedar maintains a client relationship manager database and information relating to conversations, emails and telephone calls pertaining to the services offered by Cedar shall be recorded in the database.

    Signed copies of contracts received from customers shall be retained and stored securely.

    Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay

    Where a key contact leaves the employment of a contracting organisation, Cedar shall remove the individuals name, email address, job title and telephone number from the records held in the client relationship manager database and from other forms of electronically held data, unless that individual has requested that we maintain this information for future use. Any emails and requests from that individual will be maintained within the organisation record for the duration of the contract and for the 7 following years after the contract has ended to ensure that all relevant information pertaining to the contract is held in full.

    When Cedar is informed by a contracting organisation of a change in personnel, the information held will be updated / amended / deleted as appropriate. If the individual is a designated user of the Cedar software, their user profile will be deleted.

    Where Cedar is notified of any changes to personnel within potential organisations, suppliers or other third-party organisations the changes shall be updated / amended or deleted as appropriate.

    Changes shall be made across all relevant systems without delay and within a period of 28 days.

    Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals

    For existing customers utilising the services from Cedar, the relevant and necessary personal information shall be kept for the duration of the contract and for a period no longer than 7 years after the cessation of the contract. At this point, all personal information shall be deleted or destroyed securely.

    Where Cedar has relationships with other external suppliers, the personal data shall be kept for the duration of the professional relationship or until we are notified of a change to personnel by the partnering company.

    For potential customers, information shall be retained to send information regarding the products and services offered by Cedar. Where an individual confirms that the information is not of interest or not relevant to their organisation, the personal information shall be removed from the organisations record. This information may be stored on the client relationship manager system in use by Cedar staff, on mobile phones and within the email system used by Cedar employees.

    Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

    Cedar employs the services of DTAccounting Limited for it’s Accounting.

    CedarScotland accepts the responsibilities for managing its own GDPA and that off CCMS and RCCM that go with this role, which has been contractually defined. The relevant steps have been undertaken by CedarScotland Limited the parent company, to verify the security arrangements of all three organisations.

    Where information is held by letter or other manual means, such as but not limited to contracts, this information will be held at the CEO’s office in a secure environment (lockable cabinet in a lockable office), and only accessible to the relevant employees of CedarScotland Limited, CCMS and RCCM. Copies of manually held information is available to individuals by sending a request to info@cedarscotland.co.uk CedarScotland will comply with any requests for copies of information held within 1 month of receipt.

    From time to time it may be necessary for personal information and requests from individuals to be noted manually. Any information will, at the first opportunity, be updated on the client relationship manager database and the paper copy of the information destroyed securely.

    Personal information may be held on Cedar employee’s mobile phones, tablets and laptops / pc’s, used only in their specific role at Cedar, and always within the EU. CedarScotland employees are not permitted to take company property away on holiday.

    It is company policy that all employees utilising electronic equipment outside of the CEO office must adhere to the following rules:

    • User names and passwords for devices and software must not be shared with any other colleague or person
      • Devices must be secured by password or PIN when not in use
      • Devices should not be left unattended when turned on
      • Devices must not be taken out of the UK unless on business within the EU. Devices must never be taken outside of the EU
      • Devices must be shut down and left in a secure place when not in use
      • When employees are on annual leave, devices must be placed out of plain sight within their residence and turned off

    All individuals have a right to request access to the information that CedarScotland Limited currently holds, and they can do this by sending a request to london@inhousemanager.com. The requested information will be supplied within 1 month of the request and is free of charge.

    All individuals have the right to have their personal data rectified if the information being used is incorrect. They can do this by sending a request to info@cedarscotland.co.uk. The information will be authenticated and corrected within 1 month of the request.

    All individuals have the right to request that their personal information be erased. In some circumstances it may not be possible for CedarScotland to comply with the request in full, where historical information is required for the fulfilment of a contract. If this is the case, we will tell you.

    All individuals have the right to restrict how we use their personal information. For requests please email info@cedrscotland.co.uk with specific information as to the restrictions required.

    Where an individual request the right to port their data to another provider, CedarScotland will provide the information required in a CSV format and will provide this information within 1 month of
    the request being received. Where a large amount of data is required, CedarScotland may extend this notice period by a further 2 months. In this scenario, CedarScotland will confirm without delay, and within 1 month, of the reasons for the extension. This extension option will be used where a large amount of data, or multiple requests are received, and will only opt for an extension where necessary.

    All individuals have the right to object to the way in which their personal data is processed. All communications will include the option for an individual to report their objection to CedarScotland, by emailing info@cedarscotland.co.uk On receipt of an objection, CedarScotland will stop processing the data unless it can demonstrate compelling legitimate grounds for the processing, which overrise the interests, rights and freedoms of the individual; or the processing is for the establishment, exercise or defence of legal claims. Any objections will be dealt with free of charge.

    Rights relating to automated decision making including profiling: CedarScotland Limited does not engage in automated decision making or profiling in any of its activities.

    Additional Information relating to the website www.cedarscotland.co.uk

    CedarScotland Limited operates a website which offers the opportunity for visitors to request more information by completing an online enquiry form. Where an individual offers their personal data by completing this form they are giving permission for a member of CedarScotland staff to contact them using the contact information provided via the enquiry form to respond to the enquiry. Information provided via the website will be entered on to the client relationship manager database system for the purposes of communicating, tracking and servicing enquiries. The information provided is sent securely via electronic means from the website to a CedarScotland Limited employee.

    We reserve the right to use cookies to improve the experience of using the website. Cookies are small files that the site places on your hard drive for identification purposes. You should note that cookies cannot read data off your hard drive. Your web browser may allow you to be notified when you are receiving a cookie, giving you the choice to accept it or not. By not accepting cookies, some pages may not fully function, and you may not be able to access certain information on the site.

    CedarScotland Limited also collects domain information as part of its analysis of the use of the site. This data enables us to become more familiar with which customers visit our site, how often they visit, and what parts of the site they visit most often. CedarScotland Limited uses this information to improve its commercial offerings. This information is collected automatically and required no action on your part.

    CedarScotland also employs the services of PMG, a third part service to notify CedarScotland Limited employees of organisations who visit www.cedarscotland.co.uk Information about visiting organisations is then used by CedarScotland Limited employees to contact the organisation to discuss the information viewed and to offer further information or advice. The PMG service offers access to names and job titles of key decision makes in organisations and for an additional fee, the email addresses of those individuals. CedarScotland Limited does not purchase email address information of visitors to the website but may use the information regarding the names of key individuals to ascertain whether there is an interest in the services and products provided by CedarScotland Limited.

    Where www.cedarscotland.co.uk contains links to other websites, CedarScotland Limited is not responsible for the privacy practices or content of other such sites. We encourage users to read the privacy statements on each site they link to that may collect personal data.

  • Privacy Policy

    Revive Catering Contract Management Limited

    April 2018

    This privacy statement is designed to tell you about our practices regarding the collection, use and disclosure of information held by Revive Catering Contract Management Limited. Please be sure to read this information carefully before providing personal information to us.

    On the 25th May 2018 new legislation on Data Protection enters into force – The General Data Protection Regulations 2018 – “GDPR”. This new legislation is a European-wide ruling to protect the way in which Companies across Europe hold and use your personal information. There are 6 guiding principles underpinning the legislation:

    Personal Data shall be processed lawfully, fairly and in a transparent manner in relation to individuals

    At Revive we process data about our clients; prospective clients who we believe would be interested in our services; employees; and companies that we work with to provide our services – these could include contracted services, such as IT services, advertising, or suppliers of goods and services procured by Revive either for our use, or for that of our clients.

    Where Revive processes data about clients, employees or companies that we work with, we do so to fulfil contractual obligations or to take pre-contractual steps. We will process the personal data under consent.

    Revive also gathers information for marketing purposes from a variety of sources under the principle of Legitimate Interest. The sources are not limited to but may include enquiries at professional events; referrals from colleagues or other professional connections; LinkedIn; web sites; purchased marketing lists; directories; delegate lists from professional events; and Lead Forensics via the Revive website. Consent will be sought to send marketing information to individuals where the products and services of Revive may be of interest.

    Information about our Employees is processed by us under the principle of consent to administer payroll and other employee benefits such as pension and healthcare.

    Personal Data shall be collected for specified, explicit and legitimate reasons and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be incompatible with the initial purposes

    Revive will only process personal data where:

    • We believe there is a legitimate interest in the services offered by Cedar
      • To fulfil contractual or pre-contractual obligations with regards to the services provided by Cedar.
      • To fulfil our legal obligations in the processing of employee data

    The personal data collected will be relevant to the relationship between that individual and Cedar, and only data relevant to the relationship will be processed. Please see further information below relating to the different data that may be held in different circumstances.

    Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

    To fulfil contractual or pre-contractual steps, it is necessary for CedarScotland to hold personal information about our clients. This information will be:

    Organisation address contact information (email, telephone, website), site and location information.

    Key contacts involved in the delivery of the Revive Service – name, job title, location, email address, telephone numbers and responsibility / involvement with Revive.

    For potential customers of Revive, only those organisations or individuals where we believe there is a legitimate interest will be contact by Revive staff to discuss or present the services offered by the Company. Revive will collect personal information via a variety of sources as outlined in 1. Above, and the data gathered will be:

    Name, Job Title, Employer / organisation, Address of the organisation, Department, Website, Telephone number, Email address

    Revive will also retain emails to and from our clients and prospective clients where that information is relevant to the services provided by Revive.

    Revive maintains a client relationship manager database and information relating to conversations, emails and telephone calls pertaining to the services offered by Revive shall be recorded in the database.

    Signed copies of contracts received from customers shall be retained and stored securely.

    Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay

    Where a key contact leaves the employment of a contracting organisation, Revive shall remove the individuals name, email address, job title and telephone number from the records held in the client relationship manager database and from other forms of electronically held data, unless that individual has requested that we maintain this information for future use. Any emails and requests from that individual will be maintained within the organisation record for the duration of the contract and for the 7 following years after the contract has ended to ensure that all relevant information pertaining to the contract is held in full.

    When Revive is informed by a contracting organisation of a change in personnel, the information held will be updated / amended / deleted as appropriate. If the individual is a designated user of the Revive software, their user profile will be deleted.

    Where Revive is notified of any changes to personnel within potential organisations, suppliers or other third-party organisations the changes shall be updated / amended or deleted as appropriate.

    Changes shall be made across all relevant systems without delay and within a period of 28 days.

    Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals

    For existing customers utilising the services from Cedar, the relevant and necessary personal information shall be kept for the duration of the contract and for a period no longer than 7 years after the cessation of the contract. At this point, all personal information shall be deleted or destroyed securely.

    Where Revive has relationships with other external suppliers, the personal data shall be kept for the duration of the professional relationship or until we are notified of a change to personnel by the partnering company.

    For potential customers, information shall be retained to send information regarding the products and services offered by Revive. Where an individual confirms that the information is not of interest or not relevant to their organisation, the personal information shall be removed from the organisations record. This information may be stored on the client relationship manager system in use by Revive staff, on mobile phones and within the email system used by Revive employees.

    Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

    Revive employs the services of DTAccounting Limited for its Accounting.

    CedarScotland accepts the responsibilities for managing its own GDPA and that off RCCM that go with this role, which has been contractually defined. The relevant steps have been undertaken by CedarScotland Limited the parent company, to verify the security arrangements of all three organisations.

    Where information is held by letter or other manual means, such as but not limited to contracts, this information will be held at the CEO’s office in a secure environment (lockable cabinet in a lockable office), and only accessible to the relevant employees of Revive. Copies of manually held information is available to individuals by sending a request to info@cedarscotland.co.uk CedarScotland will comply with any requests for copies of information held within 1 month of receipt.

    From time to time it may be necessary for personal information and requests from individuals to be noted manually. Any information will, at the first opportunity, be updated on the client relationship manager database and the paper copy of the information destroyed securely.

    Personal information may be held on Revive employee’s mobile phones, tablets and laptops / pc’s, used only in their specific role at Cedar, and always within the EU. CedarScotland employees are not permitted to take company property away on holiday.

    It is company policy that all employees utilising electronic equipment outside of the CEO office must adhere to the following rules:

    • User names and passwords for devices and software must not be shared with any other colleague or person
      • Devices must be secured by password or PIN when not in use
      • Devices should not be left unattended when turned on
      • Devices must not be taken out of the UK unless on business within the EU. Devices must never be taken outside of the EU
      • Devices must be shut down and left in a secure place when not in use
      • When employees are on annual leave, devices must be placed out of plain sight within their residence and turned off

    All individuals have a right to request access to the information that CedarScotland Limited currently holds, and they can do this by sending a request to london@inhousemanager.com. The requested information will be supplied within 1 month of the request and is free of charge.

    All individuals have the right to have their personal data rectified if the information being used is incorrect. They can do this by sending a request to info@cedarscotland.co.uk. The information will be authenticated and corrected within 1 month of the request.

    All individuals have the right to request that their personal information be erased. In some circumstances it may not be possible for CedarScotland to comply with the request in full, where historical information is required for the fulfilment of a contract. If this is the case, we will tell you.

    All individuals have the right to restrict how we use their personal information. For requests please email info@cedarscotland.co.uk with specific information as to the restrictions required.

    Where an individual request the right to port their data to another provider, CedarScotland will provide the information required in a CSV format and will provide this information within 1 month of the request being received. Where a large amount of data is required, CedarScotland may extend this notice period by a further 2 months. In this scenario, CedarScotland will confirm without delay, and within 1 month, of the reasons for the extension. This extension option will be used where a large amount of data, or multiple requests are received, and will only opt for an extension where necessary.

    All individuals have the right to object to the way in which their personal data is processed. All communications will include the option for an individual to report their objection to CedarScotland, by emailing info@cedarscotland.co.uk On receipt of an objection, CedarScotland will stop processing the data unless it can demonstrate compelling legitimate grounds for the processing, which overrise the interests, rights and freedoms of the individual; or the processing is for the establishment, exercise or defence of legal claims. Any objections will be dealt with free of charge.

    Rights relating to automated decision making including profiling: CedarScotland Limited does not engage in automated decision making or profiling in any of its activities.

    Additional Information relating to the website www.cedarscotland.co.uk

    CedarScotland Limited operates a website which offers the opportunity for visitors to request more information by completing an online enquiry form. Where an individual offers their personal data by completing this form they are giving permission for a member of CedarScotland staff to contact them using the contact information provided via the enquiry form to respond to the enquiry. Information provided via the website will be entered on to the client relationship manager database system for the purposes of communicating, tracking and servicing enquiries. The information provided is sent securely via electronic means from the website to a CedarScotland Limited employee.

    We reserve the right to use cookies to improve the experience of using the website. Cookies are small files that the site places on your hard drive for identification purposes. You should note that cookies cannot read data off your hard drive. Your web browser may allow you to be notified when you are receiving a cookie, giving you the choice to accept it or not. By not accepting cookies, some pages may not fully function, and you may not be able to access certain information on the site.

    CedarScotland Limited also collects domain information as part of its analysis of the use of the site. This data enables us to become more familiar with which customers visit our site, how often they visit, and what parts of the site they visit most often. CedarScotland Limited uses this information to improve its commercial offerings. This information is collected automatically and required no action on your part.

    CedarScotland also employs the services of PMG, a third part service to notify CedarScotland Limited employees of organisations who visit www.cedarscotland.co.uk Information about visiting organisations is then used by CedarScotland Limited employees to contact the organisation to discuss the information viewed and to offer further information or advice. The PMG service offers access to names and job titles of key decision makes in organisations and for an additional fee, the email addresses of those individuals. CedarScotland Limited does not purchase email address information of visitors to the website but may use the information regarding the names of key individuals to ascertain whether there is an interest in the services and products provided by CedarScotland Limited.

    Where www.cedarscotland.co.uk contains links to other websites, CedarScotland Limited is not responsible for the privacy practices or content of other such sites. We encourage users to read the privacy statements on each site they link to that may collect personal data.

     

We hate waste and love savings and our business

To find out more just call us on 0131 449 4571 or 07766 078978
or send a message via our 
contact form