01795 418100
Who we are Contact

  • Data Protection Statement

Mainstream Group Limited

 

Data Protection Statement

Personal data is data which, by itself or with other data available to us, can be used to identify you.
We are Mainstream Group Limited, the data controller. This data protection statement sets out how we will use your personal data. You can contact us at Mainstream House, Bonham Drive,
Sittingbourne, Kent, ME10 3RY if we have any questions.

The types of personal data we collect and use
Whether or not you become a customer, we’ll use your personal data for the reasons set out below and if you do become a customer we’ll use it to manage the services that we provide to you. We’ll
collect most of the data we will use as part of your initial dealings with us, which will include for example:

  • if you enquire about or apply to attend one of our training courses, this enquiry/application could be for yourself or on behalf of someone else, such as an employees or colleague of yours;
  • if you enquire about or apply for a job vacancy advertised by our recruitment business;
  • if you enquire about or register with our temporary work agency;
  • if you enquire about or use the services of our haulage business;
  • if you are an employer and enquire about or use the services of our training department, our recruitment business or our temporary work agency.

If you use our services (either as a customer, employer, work seeker, worker or trainee) then we will also collect data both directly and indirectly during the course of providing services to you and
during the course of our business relationship with you.

The personal data we use may be about you as a personal and/or business customer and may include:

  • Full name and personal details including contact information (e.g. home and business address and address history, email address, home, business and mobile telephone numbers).
  • Date of birth and or age, we might need this to confirm eligibility for certain courses, awards and work placements, for example training and jobs which use certain types of equipment, plant or vehicles might have age related legal requirements. Additionally, your age will impact on matters such as the national minimum wage rates applicable to you.
  • Financial details related to your pay; if you work via our temporary work agency then we will use data relating to your tax code, pay from previous employments (form P45) , your salary and pay rate and we might also be sent data relating to matters such as attachment of earnings and other financial information from for example, HMRC, the Court Service and former employers.
  • Records of our services you’ve applied for or used. For example, we will collect, use and store data about courses, training and work placements that you have attended with us.
  • Records of our relevant services and activities that you have undertaken before you engaged with us, for example this will include data you have provided to us about past training courses attended and past employments.
  • If you have enquired about, applied to use or used our services using technology such as a computer or mobile telephone or similar devices we may collect data such as mobile phone location, IP address, MAC address.
  • If you have applied for trade credit with us; information from credit reference or fraud prevention agencies, electoral roll, court records of debt judgements and bankruptcies and other publicly available sources as well as information on any financial associates you may have.
  • Information about your education, qualifications and employment history, this is required for example to ascertain eligibility for certain training courses, funded training and employment placement purposes.
  • Information provided by you that you have chosen to provide to us as part of an employment or work placement application, this could include for example references, employment history, work preferences, location, criminal record, information about your health and well-being, your sickness record, your activities outside of work, your hobbies, details of your family and dependents. The provision of this information is optional and will vary from person to person, the consequences of not providing certain information might be that we can’t do certain things for you.
  • Information gathered by us and/or provided to us by others (such as HMRC and end-user work placement clients, referees, former employers), this would include for example sickness, absence and holiday information, information relating to your pay and tax, replies to references, employment history, work preferences, work locations, your conduct at work, disciplinary and grievance matters and hours worked.
  • Information provided by the Disclosure and Barring Service (DBS). For certain work placements we are required to obtain a DBS check and we will use, process and store DBS information provide to us about you. You will always be aware if we need to obtain a DBS about you and you will be required to provide your consent.
  • Personal data about other named applicants. This would be for example where you make an application on behalf of somebody else to attend one of our courses, for instance an employee or a colleague. When you provide this information to us, you must have their authority to provide their personal data to us we and must share this data protection statement with them beforehand together with details of what you’ve agreed on their behalf.

Monitoring of communications between us:

Subject to applicable laws, we’ll monitor, store and may record any calls, emails, text messages, social media messages and other communications between us, which relate to the services we provide and to the dealings between us. We’ll do this for regulatory compliance, self-regulatory practices, crime prevention and detection, to protect the security of our communications systems and procedures, to check for obscene or profane content, for quality control and staff training, and when we need to see a record of what’s been said. We may also monitor activities relating to the
dealings between us where necessary for these reasons and this is justified by our legitimate interests and/or our legal obligations.

The legal basis and purposes under which we will l process your personal data are:

  • Necessity to the performance of our contract with you.

This may be written, verbal or implied and will relate to all relevant services that we are providingbto you.

This will include, pre-contract activities relating to your enquiry to use or services and/or answering any questions you may have in relation to our services, which could include for example assisting you in deciding whether or not a service is appropriate or applicable to you and/or whether you are eligible to use that service.

This will include the management and performance of the services to be provided to you under the contract as well as updating, maintaining, processing and storing records relating to the services provided and the activities between us.

This may include, where you owe us monies, tracing your whereabouts and recovering debt.

  • As necessary for our own legitimate interests or those of other persons and organisations.

For good governance, accounting, and managing and auditing of our business operations;

To search at credit reference agencies if you are over 18 and apply for credit;

To monitor emails, calls, other communications, and activities between us;

For market research, analysis and developing statistics; and

To send you marketing communications that we believe are relevant to the services we provide to you and which we believe you will be interested in.

  • As necessary to comply with a legal obligation.

When you exercise your rights under data protection law and make requests;

For compliance with legal and regulatory requirements and related disclosures;

For establishment and defence of legal rights;

For activities relating to the prevention, detection and investigation of crime;

To verify your identity, make credit, fraud prevention and anti-money laundering checks; and

To monitor emails, calls, other communications, and activities relating to the dealings between us.
 

  • Based on your consent

For example, where you ask us to disclose your personal data to other people or organisations such as a prospective employer/engager.

To send you marketing communications where we’ve asked for your consent to do so.

You are free at any time to change your mind and withdraw your consent. The consequence might be that we can’t do certain things for you.

 

Sharing of your personal data

Subject to applicable data protection law we may share your personal data with:

  • The Mainstream Group of companies and associated companies in which we have shareholdings;
  • Sub-contractors and other persons who help us provide our services; for example, our payroll processers and third-party instructors;
  • End-user employers/engagers with whom you might be placed with via our recruitment business and/or temporary work agency;
  • Awarding bodies and other educational partners in relation to training services, this will include the Skills Funding Agency, other funding partners and colleges to whom we act as a subcontactor, Ofsted and external examiners,
  • With our legal and other professional advisors, including our auditors;
  • Fraud prevention agencies, credit reference agencies, and debt collection agencies;
  • Government bodies such as the Skills Funding Agency and HMRC
  • Courts, to comply with legal requirements, and for the administration of justice;
  • To other parties with a legitimate interest in the dealings between us, for example where an employer has paid for you to attend a training course.
  • To appropriate interested third parties in the event that we seek to sell, merge or restructure our business. For example, this would include a potential purchaser of our business.
  • Payment systems (e.g. Visa or Mastercard), if you choose to pay for our services using third party credit or a credit or debit card.
  • To our bankers who provide sale finance facilities to us and will require information relating to sales made by us to you.

International transfers

It may sometimes be necessary to transfer your personal data outside the UK and the European Economic Area. While some countries have adequate protections for personal data under applicable laws, in other countries steps will be necessary to ensure appropriate safeguards apply to it. These include imposing contractual obligations of adequacy or requiring the recipient to subscribe or be
certified with an ‘international framework’ of protection.

Automated decision making and processing

Automated decision making involves processing your personal data without human intervention to evaluate your personal situation such as your economic position, personal preferences, interests or behaviour, for instance in relation to data such as training date anniversaries, certification expiry dates, feedback about training courses, licences and qualifications held, work patterns and location of workers respective to work vacancies and requirements.. We may do this to decide what marketing communications are suitable for you and to analyse statistics. All this activity is on the
basis of our legitimate interests, to protect our business, and to develop and improve our services.

How long will we hold your personal data for?

Marketing - we will hold your data for a period of 6 years with a review every 3 years, you will have the opportunity to opt out or update or delete data at any point should you need to do so and details are set out in this policy as to how to do that.

Contracted Services - we will hold your data for 7 years in line with our regulatory requirements.

Your right to access your personal information

What is a Subject Access Request? This is your right to request a copy of the information that we hold about you. If you would like a copy of some or all your personal information, please email or
write to us at address at the bottom of this policy. We will respond to your request within one month of receipt of the request.

Your right to have your personal data corrected

We want to make sure your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate by emailing or writing to the address at the
end of this policy.

Your right to objections to the processing of your personal data

It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply. The only reasons we will be able to deny your request is
if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims. If you wish to object to the processing of your data, please email or write to the address at the end of this policy.

Your right to data portability

It is also your right to receive the personal data which you have given to us, in a structured,  commonly used and machine-readable format and have the right to transmit that data to another
controller without delay from the current controller if: the processing is based on consent or on a contract, and the processing is carried out by automated means. If you wish to make a data
portability request, please email or write to the address at the end of this policy.

Your right to be forgotten

You have the right to have personal data erased. This is also known as the ‘right to be forgotten’.
This right is not absolute and only applies in certain circumstances. You have the right to have your personal data erased only if one of the following applies;

  • We no longer need the data for the purpose for which we originally collected or processed it for;
  • Where we are relying solely on consent as our lawful basis for holding the data, and you have withdrawn your consent.
  • Where we are relying on legitimate interests as the basis for processing, and where we have no overriding legitimate interest to continue this processing;
  • Where we are processing your personal data for direct marketing purposes and you object to us doing so;
  • Where we have processed the personal data unlawfully

Card Payments Taken:

  • Card payments taken in person will be processed via Barclaycard. The customer will enter the details directly into the terminal and we will not store any card details
  • Card payments taken over the phone will be processed via Barclaycard. Card details will not be recorded on the phone call and will not be written down or stored in anyway.
  • Card payments taken online will be entered on the Sagepay website who we use as a payment gateway. Sagepay are level 1 PCI DSS certified.
  • We will not store cards details and we will not sell or offer them to third parties.

Address to contact us
Mainstream Group Limited, Mainstream House, Bonham Drive, Sittingbourne, Kent, ME10 3RY
[email protected]

Request a call back?

We are always delighted to hear from you and answer any queries so please enter as many details as possible below or give us a call. We are always here to help.

 01795 418100

 Email Us