Resources Group is committed to ensuring that the data it holds and processes on behalf of its staff, clients and candidates, in fully secure in accordance with the General Data Protection Act 2018 (UK) and The Privacy Act 1988 (Australia).
We obtain, use, store and otherwise process personal data relating to current and former staff, candidates and clients. We undertakes to process that data fairly and lawfully in accordance with individuals’ rights. We do not process personal data unless the individual whose details are being processing has consented to this happening.
We also ensure that the data is:
· used fairly, lawfully and transparently
· used for specified, explicit purposes
· used in a way that is adequate, relevant and limited to only what is necessary
· accurate and, where necessary, kept up to date
· kept for no longer than is necessary
· handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage.
Responsible officials
The following have responsibility for an authority over the company’s information security:
Steven Marshall (Group Managing Director)
Jason Scott (IT Manager - Clear Thinking IT)
Document control
Documentation is maintained on the central IT system at the Resources Group head office at 32 Threadneedle Street, London EC2R 8AY.
No paper records are kept (except on financial matters as required by HMRC); records are stored securely for shredding by our authorised external contractors.
Document location
No IT records may be removed from the premises by staff in any format. External access to the system by staff working offsite is through a secured VPN subject to strict security protocols.
The Resources Group IT system is located in a locked server room at Clear Thinking’s premises in Billericay, Essex accessible only by the responsible officials.
Review procedures
Security policies are monitored day to day by the responsible officials and reviewed regularly by the Group Managing Director.