Onboarding Data Protection Policy

Fimatix (“We”) are committed to protecting and respecting your privacy and personal data. We will not collect any information about you except where it is specifically and knowingly provided by you. This data protection policy sets out the basis on which any personal data that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

What type of information is collected from you?

We will obtain a BPSS (Baseline Personnel Security Standard) check from you. The personal information we collect may include the following:

  • Title
  • Name (First and Surname)
  • Telephone number
  • Date of birth
  • Gender
  • Town of birth
  • Current address
  • National insurance number
  • Criminal record information
  • Employment history for 3 years
  • Passport
  • Driving license
  • Proof of address document
  • Residency/ Visa documents
  • Basic disclosure certificates (DBS)
  • Emergency contact
  • Employment references
  • Personal references
  • Company Information
  • Public Liability Insurance certificate
  • VAT certificate
  • ID style Photo (not automatically processed)
  • Witness Details to countersign the service agreement

We will only request and collect the minimum personal information necessary for Fimatix to perform its obligations to you and our clients. If we process any personal data named as ‘Special Categories’ under the GDPR will ask for explicit consent from you (with a genuine choice) except where that processing is necessary for us to carry out specific processing under the law (for example, legal reporting requirements to HMRC).

How is your information used?

We will use the information you give to us to:

  • Carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us
  • Perform BPSS and other Security checks
  • Complete and manage the onboarding process
  • Perform identity and qualification checks with the regulatory, industry or security authorities
  • Help us identify you so we know who we’re talking to
  • Keep accurate records of who we are introducing to our clients
  • Shared with clients to the extent of fulfilling contract obligations
  • Help prevent fraud or loss

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems only for as long as is necessary or as long as your Service Agreement is active for the relevant activity.

We will retain the personal information we process on behalf of our Clients only for as long as needed to provide services to our Client. Fimatix will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Fimatix has implemented technical, physical and administrative security measures to help protect against the loss, theft, misuse and unauthorised access of your information that we collect from you on behalf of our Clients.

Your rights

In addition to the company’s safeguards, your personal data is protected in the UK by the General Data Protection Regulation (GDPR). We will endeavour to keep the information you provide up to date, where required, and not retained for longer than is necessary. It will be kept securely to prevent unauthorised access by other people. If you have concerns about the processing of your personal data by Fimatix, you may contact us at GDPR@fimatix.com. If you find any inaccuracies with the personal data we retain, we will delete or correct them promptly.

Right to Access Your Information

The General Data Protection Regulation (GDPR) provides you with the right to access any information held about you. You can assert this right at any time. Please email GDPR@fimatix.com. We will endeavour to supply this information without delay and at the latest within one month of receipt.

Policy changes

We will notify you of any changes to this policy. This policy was last updated in July 2018. If you have any further queries or comments on our Data Protection Policy, please email us at GDPR@fimatix.com.