We take the security of all personal data very seriously. We use a combination of technical, organisational and physical security measures to protect your personal data in line with our obligations under data protection law. Our employees receive training to help us comply with data protection law and safeguard your privacy.
This policy is issued on behalf of Pro Group Holdings Ltd. When we mention ‘Pro’, ‘us’, ‘we’, ‘our’ we mean the relevant company that processes the data within the Pro Group.
When we use the term ‘personal data’ we mean information relating to natural persons who:
Personal data may also include special categories of personal information or criminal conviction or offenses data. These are considered to be more sensitive and we only process them in more limited circumstances.
Understanding our role in relation to the personal data we handle is crucial when ensuring compliance with data protection laws and the fair treatment of individuals.
Depending on what role we perform for you, the Company will either be the:
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
We use different methods to collect data:
A cookie is a small text file that is placed and stored on your computer, mobile or other devices by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information about visitor behaviours to the website owner. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.
Before cookies are placed on your computer or device, you will be shown a pop-up prompt requesting your consent to set those cookies. By giving your consent here you are enabling us to provide the best possible experience and service to you. You can opt out of being tracked by Google Analytics across this and all websites by simply downloading this tool from Google: Cookie opt out.
We will only use personal data when the law allows us to. Most commonly, we will use personal data in the following circumstances:
Change of Purpose: We will only use the personal data for the purposes for which it was collected, if wider use is desired, we would require new consent from the individual.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may share data with other companies in our group, affiliate businesses and with third party service providers (data processors), such as insurance providers, compliance, and other agents relevant to the business activity. Where any of the data is required for such a purpose, we will take reasonable steps to ensure that the data will be handled safely, securely and in accordance with individuals rights, our obligations and the obligations of the third party under the applicable law.
We have an obligation to disclose data in the following four examples permitted by law, and the other situations set out below. These are:
Also, it may be necessary to share your details in the following circumstances:
We require all third parties to respect the security of your personal data and to treat it in accordance with the law of the jurisdiction it is handled in. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to use it in accordance with our agreement with them and this policy.
Sometimes we, or third parties acting on our behalf, may need to transfer personal data between jurisdictions. The Company will always take steps to ensure that any transfer of personal data outside of its home jurisdiction is carefully managed to protect privacy rights and ensure that adequate safeguards are in place. This might include transfers to countries that are considered to provide adequate levels of data protection for all personal data (such as countries in the European Union) or putting contractual obligations in place with the party we are sending information to. Transfers within the group will be covered by an agreement entered into by members of the group (an intra-group agreement) which contractually obliges each group company to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred within the group.
We have put in place appropriate security measures, policies and procedures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach. We will notify you and the applicable regulator or authority of the breach where we are legally required to do so.
The Company will only retain personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process the data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
To support us in managing how long we hold data and our record management, we maintain a data retention policy which includes clear guidelines on data retention and deletion.
Under certain circumstances, individuals have rights under data protection laws in relation to personal data:
Data subjects may submit a Subject Access Request to obtain a copy of the personal data that we hold about them in a structured or portable manner.
To make a Subject Access Request please write to:
The Data Protection Officer
Or email: DPO@pro-global.com
You will need to provide the following documentation for verification purposes:
We aim to respond to all valid requests within one month. It may take longer if the request is particularly complicated or if several requests have been made. We’ll always let you know if we think a response will take longer than one month. We may also ask you to provide more detail about what you want to receive or are concerned about.
We do our best to ensure that your personal information is accurate and kept up to date. If you believe your information is inaccurate or incomplete, then please contact us to request that we amend or update it.
You may ask us to erase your personal data, but this right only applies in certain circumstances, e.g. where:
This isn’t an absolute right and we have to balance your request against other factors such as legal or regulatory requirements, which may mean we cannot erase your Personal Information.
You may ask us to stop using your personal data in certain circumstances such as:
This isn’t an absolute right and we may not be able to comply with your request.
In some cases, you can ask us to transfer the personal data that you have provided to us to another third party of your choice. This right only applies where:
Where we are relying on your consent to process your personal data, you have the right to withdraw this consent. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you have any cause for complaint about our use of your personal data, please contact us using firstname.lastname@example.org we will do our best to solve the problem for you.
Write to us:
Data Protection Officer
Or email us on: DPO@pro-global.com
Pro Group covers many jurisdictions, whilst we predominantly practice the rules under the UK General Data Protection Regulation (UK GDPR), we do adhere to any local niches with the data protection sphere.
If you have any concerns about the way in which we handle your data, please refer to your local supervisory authority: