Back to blog listings

Lequin Ltd Company Handbook

01 Oct 2017

Lequin Ltd Company Handbook
Created by the Directors Lequin Ltd
01225 33 88 93 | peter@lequin.co.uk | www.lequin.co.uk
Registered in England number 4693595 Registered Office: 15 New King Street, Bath. BA1 2BL Page 1 of 1

1. Introduction to Lequin
Lequin Ltd delivers tailored coaching and leadership development programmes. Through our training, executive coaching, team coaching, coach training, profiling, audits and creativity workshops, we develop leaders and high performing teams to dramatically improve business performance.
Using an international team, Lequin Ltd provides the platform and creative space for leaders and teams to reflect, reshape, innovate and ultimately, excel.
Many of the world’s leading blue chips work with us to deliver innovative, challenging leadership development. Through our passion and drive for results, we create leadership development that really delivers. We create leadership development and executive coaching to shape cultures.

2. Company Information
Registered Address: CompanyRegistration: Date of Registration: VAT Number:
PAYE Reference No: Corporation Tax No: Company Bankers: Company Auditors:
15 New King Street, Bath. BA1 2BL 4693595
11th March 2003

3. Insurance Details
Employee Liability Insurance:
Public Liability Insurance: Professional Indemnity Insurance:
Directors are covered under the Professional Indemnity Insurance outlined below.
Covered under the Professional Indemnity Insurance below. £5million indemnity with Hiscox Plc.

4. Membership of Professional Bodies
All Lequin Directors and coaches are members of the International Coach Federation and abide by their code of ethics. Employees are free to join a trade union of their choice and to bargain collectively on wages, benefits and working conditions without fear of harassment or intimidation.
01225 33 88 93 | peter@lequin.co.uk | www.lequin.co.uk
Registered in England number 4693595 Registered Office: 15 New King Street, Bath. BA1 2BL Page 2 of 2
  
5. Equal Opportunities, Diversity and Racial Equality
Lequin is an equal opportunities organisation.
In accordance with the responsibilities laid out under the Race Relations Act 1976 (as amended by the Race Relations [Amendment] Act 2000), Lequin takes seriously its responsibilities to eliminate unlawful racial discrimination, promote equal opportunities and promote good relations between people of different racial groups.
When recruiting staff or associates, decisions are made based on the best fit for the client in terms of skills, background, and experience. In the majority of cases the ultimate decision of coach or trainer for a piece of work will be down to the client. It is the company's intention that all employees should have an equal chance of being selected for projects, irrespective of the employee's:
• sex
• race, colour nationality, ethnic origin • sexual orientation
• religion or belief
• age
Associate coaches can apply to join Lequin by completing a form on the website www.lequin.co.uk. We do not undertake recruitment advertising. It is the company's policy to employ and provide a suitable environment for people with disabilities. All reasonable facilities will be provided for employees with disabilities to pursue their careers without difficulty or disadvantage.
If you feel that the letter and general intent of the diversity policy has not been fully implemented then you should draw this to the attention of one of the company directors.
 

6. Concerns and grievances
The company takes employee concerns very seriously. These issues may include concerns over other associates, health and safety, employee rights, discrimination or any other grievances. If you have a grievance you should set out your grievance in writing and send the statement or a copy of it to one of the directors. A meeting will be held to discuss the concern or grievance within 30 days and any action decided upon will be documented with a view to addressing the concern within a reasonable period of time. You will be invited to attend this meeting.

7. Quality Assurance
Lequin places a high value on quality and strives to deliver it in every aspect of the operation. There is no formal quality accreditation held by the company but there are processes in place to ensure the highest standards at all times.
These include:
• The development of a detailed training matrix linked to the Lequin Russian doll model that all our coaches and trainers are trained and assessed on, which ensures that we deliver a consistent and high quality service to our clients.
• Regular client feedback both at an individual and organisational level on our coaches / trainers performance and the impact of the programme.
• Stringent matching processes to ensure that coaches / trainers are well matched to clients in terms of skills, background, capabilities and client requirements.
• Supervision sessions for all the Directors and coaches of the business. These sessions are run by a fully trained and accredited coach supervisor.
• Membership of the ICF or Association of Coaching for all our coaches and adherence to their stringent code of ethics.
• Individual commitment by coaches / trainers to CPD.
All company directors are responsible for Quality Assurance within the business.
Quality Auditing is carried out by: Jenny Bird
 

8. Health and Safety
Lequin recognises its legal duty for providing a safe and healthy environment for its Directors and employees. Lequin has no public offices open to the public. Where Lequin use associates these are sole traders or limited liability companies and are therefore responsible for their own health and safety within their individual office environments. Lequin’s client work is carried out either in client premises or in hotel / conference venues. In these situations the Project Co-ordinator or Lead Trainer is responsible to finding out and adhering to the Health and Safety Policy of the venue to ensure that our client’s safety is upheld at all times.
Lequin monitor adherence to Health and Safety through:
6.1 Feedback forms completed by participants
6.2 On the job supervision / observation of coaches / trainers
The Health and Safety Officer for Lequin is: Peter Willis. Additional advice on Health and Safety is sourced from: Business Link Berks and Wilts on: 0845 600 9 006
9. Environment & Sustainability Policy
Lequin recognises its local and global environment impacts and is committed to implementing an effective environmental management system. This system will aim to:
• Minimise negative impacts on the environment and maximise positive impacts while pursuing the company’s business.
• Take account of environmental impact when setting aims and objectives for the organisation
• Support the environment by purchasing items that are environmentally friendly or made from
recycled materials wherever possible / appropriate.
• Recycles all office equipment that is recyclable in order to minimise its impact of the
environment.
• Request employees send any materials used in the delivery of our work that cannot be
recycled locally to the company registered address for environment disposal.
One of Lequin’s corporate charities is the Woodland Trust.
The Director responsible for Environmental Policy is: Marie Whitehead.
10. Code of Conduct of business ethics & corporate social responsibility
All contractors and employees are requested to abide by the following:
Lequin has a strong commitment in promoting honest conduct and ethical business conduct by all employees and compliance with the laws that govern the conduct of its business and the Company shall enjoy an impeccable reputation for corporate trustworthiness. Lequin believes that a commitment to honesty, ethical conduct and integrity is a valuable asset that builds trust with its customers, suppliers, employees, shareholders and the communities in which it operates. To implement its commitment, the Company has developed a code of conduct of business ethics and corporate social responsibility (the Code). The Code shall apply to all entities controlled by the Company and all employees, directors and officers of the Company (Employees). All Employees are required to read and understand the Code. The Code shall be reflected, promoted and implemented in policies, decisions and actions and the Company shall encourage suppliers, consultants and other business partners within its sphere to influence to adopt these principles.

9. Compliance with Laws, Rules and Regulations
All Employees are responsible for complying with the applicable laws, rules and regulations and regulatory authorities that affect the Company’s business.
Honest and Fair Dealing
Employees shall endeavour to deal honestly, ethically and fairly with the Company’s customers, suppliers, competitors and employees. No Employee should take unfair advantage of anyone through manipulation, concealment, abuse of privilege information, misrepresentation of material facts, or any other unfair-dealing practice.

Conflict of Interest and Corporate Opportunity
Employees shall avoid any interest that conflicts or appears to conflict with the interests of the
Company or that could reasonably be determined to harm the Company’s reputation, and report
any actual or potential conflict of interest immediately to a Director.
A conflict of interest exists if actions by any Employee are, or could reasonably appear to be,
influenced directly or indirectly by personal considerations, duties owed to persons or entities other than the Company, or by actual or potential personal benefit or gain. Employees owe a duty to advance the legitimate interests of the Company when the opportunities to do so arise.

Confidentiality and Privacy
Each Employee shall protect the confidentiality of Company information. Confidential information includes such items as non-public information concerning the Company’s business, financial results and prospects and potential corporate transactions. Employees are required to keep such information confidential during employment as well as thereafter, and not to use, disclose, or communicate that confidential information other than in the course of employment. The consequences to the Company and the Employee concerned can be severe where there is unauthorized disclosure of any non-public, privileged or proprietary information.

Proper Use of Company Assets

The Company’s assets are only to be used for legitimate business purposes and only by authorised Employees or their designees. This applies to tangible assets (such as office equipment, telephone, copy machines, etc.) and intangible assets (such as trade secrets and confidential information). Employees have a responsibility to protect the Company’s assets from theft and loss and to ensure their efficient use.

Corporate Communications Policy
Only certain designated Employees may discuss the Company with the news media, securities analysts and investors. All inquiries from regulatory authorities or government representatives should be referred to the CEO. Employees exposed to media contact when in the course of employment must not comment on rumours or speculation regarding the Company’s activities.

Drugs and Alcohol
Lequin prohibits the illegal use, sale, purchase, transfer, possession or consumption of controlled substances, other than medically prescribed drugs, while on company premises. Company policy also prohibits the use, sale, purchase, transfer or possession of alcoholic beverages by Employees while on Company premises, except as authorized by the Company. This policy requires that the   Company must abide by applicable laws and regulations relative to the use of alcohol or other controlled ubstances.
 

10. Policies Against Discrimination and Harassment

The Company prohibits discrimination against any Employee or prospective Employee on the basis of sex, race, colour, age, religion, sexual preference, marital status, national origin, disability, ancestry, political opinion, or any other basis prohibited by the laws that govern its operations. The Company prohibits unlawful harassment. Employees are expected to treat one another with respect. “Harassment” includes any conduct likely to cause offense or humiliation to any person or that might, on reasonable grounds, be perceived by a reasonable person to place a condition on employment or on any opportunity for training or promotion.
 

11. Lequin Shall Prevent Money Laundry

The Company will take necessary steps to prevent its financial transactions from being used by others to launder money as defined under applicable laws.

Entertainment, Gifts, Payments and Bribery

  • Decisions by the Company and its agents relating to the procurement and provision of goods and services should always be free a perception that favourable treatment was sought, received or given as the result of furnishing or receiving gift, favours, hospitality, entertainment or other similar gratuity. The giving or receiving of anything of value to induce such decisions is prohibited. Employees should not solicit a gift or favour from those with whom we do business. Providing or receiving gifts or entertainment of nominal value motivated by commonly accepted business courtesies is permissible.
  • No bribes or other similar payments and benefits, directly or indirectly, shall be paid to employees of suppliers or customers.

12. Criminal Finances Act 2017

This note comprises the policy of the Company (“we”) towards our responsibilities under the Criminal Finances Act 2017. The Act was passed on 27th April 2017 and comes into force on 30th September 2017. In overview, in line with all companies in the UK, we are required to take reasonable prevention procedures to prevent the facilitation of tax evasion either in the UK or abroad.

Overarching approach We are committed to taking reasonable steps to prevent involvement in the criminal facilitation of tax evasion. The commitment extends to anyone acting on our behalf.

Risk assessment Due to the nature of what we do, the risks are considered to be very low, bordering on remote. The main risks are presently thought to be:

i) receiving an overpayment into our account, and being asked to refund it, thereby ‘cleaning’ the money;
ii) being asked by a supplier to pay in cash, knowing or reasonably knowing that their intention is not to declare the receipt for VAT or other reasons.

These risks are mitigated by:

  • Employing appropriately skilled staff with appropriate oversight by management.
  • Communicating clearly to staff that we are committed to preventing the facilitation of tax evasion.
  • The monitoring and enforcement of staff procedures.
  • The monitoring and enforcement of prevention procedures.
  • The only accepted payment methods of premiums is by way of bank transfer, credit or debit card and cheques; cash payments are declined in order to further mitigate any risks of potential facilitation of tax evasion. Regular reviews of procedures.

Other risks are seen as very low or remote, but are also mitigated by the above.

Further detail

The law is in its infancy, and practice and procedures may develop over time. Our legal advisor may advise on different or further steps which may or should be taken. Such advice, or information which we see in our professional reading, will be taken into account in a way consistent with our wish to operate to high standards. We will consider, and take appropriate advice on what if any ‘whistle blowing’ is required should we have any concerns of suspected facilitation.

Directors have been appraised of this new law.

Commencement date  - This policy is implemented with immediate effect.


13. Compliance with Anti-Trust Laws
The Company’s business may be subject to United States, European Union and other foreign government anti-trust and similar laws. All Employees must comply with such laws and you should confer with the Directors whenever you have a question with respect to the possible anticompetitive effect of particular transactions.

14. Health, Safety and Environmental Protection
! The Company shall conduct its business in a manner designed to protect the health and safety of its Employees, its customers, the public, and the environment. Lequin’s policy is to operate its business in accordance with all applicable safety, environmental and safety laws and regulations so as to ensure the protection of the environment and the Company’s personnel and property. All Employees should conduct themselves in a manner that is consistent with this policy.
Resource Efficiency
! The Company’s assets and services and business model shall be designed in such a way that energy and materials are efficiently used, and waste and residual products are minimized over the life cycles.


15. Lequin Policy regarding human rights
Lequin believes that a coherent and responsible position on human rights is an essential element of its sustainability strategy. Respecting human rights in its markets, its operations and in its value chain belongs to Lequin corporate responsibility. In that spirit, Lequin orients itself to the following principles regarding the respect of human rights:
Compliance
Lequin expects from its Management and employees to act at all times in accordance with all applicable laws, rules and regulations and to be guided by relevant international or other recognized standards such as the Guiding Principles on Business and Human rights and the Social Accountability
  
  8000 as well as by company policy regarding procurement. Lequin expects its suppliers and business partners to apply similar level of compliance.
Identification
Lequin seeks to identify and to prevent breaches of human rights in its operations and its value chain through established procedures within its risk management, its supplier risk management or its procurement management. Identification can be performed on location through audits and controls or through other tested channels such as whistleblowing.
Prevention and remedy
Lequin will address identified issues on human rights in a preventive or in a corrective manner. Appropriate procedures are in place to prevent breaches on human rights, mitigate or eliminate them and track progress.
Transparency
Lequin is transparent about its approach to human rights. Disclosures are made in accordance with applicable reporting requirements and standards such as GRI.
 

16. Modern Slavery statement Lequin Ltd are committed to ensuring modern slavery does not exist in its supply chains. We constantly strive to develop, policy and procedures to manage the way we obtain our goods and services to keep our supply chains robust. An official audit assessed our approach and progress this year concluding it was deserving of the highest audit opinion available. To date we have had no reports of modern slavery within our organisation nor our supply chains. 

Supply chain

Over the past year Lequin Ltd has developed a programme to assess the modern slavery standards of suppliers, and issued all suppliers with a questionnaire to better understand their environmental and ethical credentials. We check that staff can demonstrate their eligibility to work in the UK and requires all contractors and agency staff to undergo an eligibility check before commencing work with Lequin. This statement is made pursuant to section 54(1) of the Modern Slavery Act 2015 Approved by the directors of Lequin on 1 Oct 2019.

17. Lequin Privacy Policy
Lequin Ltd is committed to protecting and respecting your privacy and has developed a Privacy Policy that covers how we collect, use, disclose, transfer, and store your information.
1. What we collect
We collect certain information or data about you when you voluntarily contact Lequin Ltd. This information is viewed by authorised people in Lequin Ltd to respond to any message you send us.
For example, we collect and retain:
! Questions, queries or feedback you leave, including your name and email address, if you use the “Contact Us” form on our website. This data is used to respond to your message.
! The information contained on your business card if we meet through business networking with the potential of working together.
! Your name, email address, postal address and telephone number in any subsequent communication with you for the purposes of delivering our coaching and training services.
! Paper records of your personal information, where necessary in order to print out information to deliver our work. For example, for executive coaching clients we print forms or emails that may be referenced during the coaching.
2. Where your information is stored
We store your information, whenever possible, on secure servers in the European Economic Area (EEA). Some of our associates are based outside the EEA and therefore your information may be accessed outside the EEA.
Information is stored in electronic form within email systems, in files held securely on computers and in printed form in files held within our offices.
3. Keeping your information secure
We have procedures and security features in place to keep your information secure once we receive it. This is detailed in the Lequin Company Handbook under our Data Protection Policy.
4. Disclosing your information
We may pass on your personal information if we have a legal obligation to do so. We will not share your information with any other organisations for marketing, market research or commercial purposes, and we do not pass on your details to other websites.
  
5. Your rights
You can request details of all the personal information that we hold about you under the Data Protection Legislation. If you believe that any information we are holding on you is incorrect or incomplete, email us as soon as possible at the address below. We will correct any information found to be incorrect within 28 days of receipt of that request.
You are also entitled to request that any data that we hold on you is destroyed or erased, and we shall comply with that request within 28 days of receipt of that request.
If you have previously agreed to us using your personal information such as your name and email address for newsletters, we will continue to keep this information but you may change your mind at any time by emailing us at peter@lequin.co.uk.
6. Changes to the Privacy Policy
Any changes made to the Privacy Policy will be uploaded onto our website.
7. About Us
Lequin Ltd is a limited company registered in England and Wales (Company Number 4693595), registered address 15 New King Street, Bath BA1 2BL. Any queries relating to this Policy should be directed to the Company Director, Peter Willis at peter@lequin.co.uk or at the registered company postal address above.
 

17. Lequin Data Protection Policy

Introduction
The General Data Protection Regulation is European wide data protection legislation that requires organisations working with individuals based in the European Economic Area to meet certain requirements regarding the collection, processing, security and destruction of personal information.
Purpose
This policy sets out how Lequin Ltd and its Associates will seek to ensure compliance with the legislation.
Application
This policy applies to Lequin Ltd’s dealings with clients and third parties that may be involved in processing customer related information. It covers the way personal information should be obtained, used, shared, physically stored and destroyed.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) governs the processing (ie. obtaining, holding, organising, recording, retrieval, use, disclosure, transmission, combination and destruction) of personal and sensitive data (ie. information relating to a living individual - the data subject) and sets out the rights of individuals whose information is processed in manual or electronic form or held in a structured filing system. There are six principles that describe the legal obligations of organisations that handle personal information about individuals. These Principles are:
1. Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the individual.
The information we gather about an individual will be collected in a way where they are fully informed how we intend to use that information, for what purposes and how we will share it.
2. Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
We will explain why we need the information we are collecting and not use it other than for those purposes.
3. Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
We will only collect the information we need to provide the services required.
4. Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
The information we collect will be accurate and where necessary kept up to date. Inaccurate information will be removed or rectified as we become aware of the changes.
5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.
We will not hold information for longer than is necessary.
6. Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
We will make sure that the personal information we hold is held securely to ensure that it does not become inadvertently available to other organisations or individuals.
Lequin Ltd fully supports these principles.
Handling personal information, lawfully, fairly and transparently
The first and second principles require Lequin Ltd to acquire and process personal information lawfully, fairly and in a transparent way. Lequin Ltd therefore is clear at the outset about the purpose for which information is obtained and processed. Lequin Ltd aims to ensure that:
1. there are comprehensive marketing plans and operational procedures in place for initiating contact with prospects and generating sales in a manner that complies with the General Data Protection Regulation;
2. personal information is collected and used only when there are legitimate business reasons which are balanced against the interests of the individual concerned;
3. personal information is not used in ways that would have adverse effects on individuals;
4. the purpose or purposes for which the information is to be used is made clear to individuals
and they have a choice as to whether to provide the information.
5. Individuals are provided with easy to read and understand privacy notices when information is
collected;
6. personal information will only be handled in ways that individuals would reasonably expect;
and
7. on request, we can provide to the individual a copy of the personal information we hold about
them.
Appropriate records will be maintained to demonstrate compliance with the above-mentioned requirements.
 

Consent
Consent will be required for certain types of information usage, generally relating to mailing lists and marketing communications.
When consent is required, it must be freely given, specific, informed and unambiguous. Requests for consent should be separate from other terms, and be in clear and plain language. The individuals consent to using their personal data must be as easy to withdraw as to give. Consent must be “explicit” for sensitive data. Lequin Ltd is required to be able to demonstrate that consent was given. Under the Privacy and Electronic Communication Regulations (PECR) there are specific requirements relating to unsolicited direct marketing communications. A solicited communication is one that is actively invited, either directly by the customer or via a third party. An unsolicited communication is one that the customer has not invited but they have indicated that they do not, for the time being, object to receiving it. If challenged, businesses would need to demonstrate that an individual has positively opted in to receiving further information from us.
Lequin Ltd understands that it is unlawful to contact customers or organisations that have informed us that they do not wish to receive unsolicited marketing material. Therefore, Lequin Ltd is aware of and complies with the following:
Telesales – Lequin Ltd ensure that individuals and organisations they wish to contact are not registered on the Telephone Preference Service (TPS) or the Corporate Telephone Preference Service (CTPS) respectively. If they are registered or have directly notified Lequin Ltd not to call, then unsolicited direct marketing calls will not be made to them.
Emails and text message – Lequin Ltd will not contact individuals by email or via text message without obtaining prior consent unless the individual’s details have been obtained in the course of a sale or negotiations of a sale. Individuals will be given the opportunity to opt out of receiving further marketing emails or texts each time that such contact is made.
The Mailing Preference Service (MPS) is managed by the Direct Marketing Association and supported by Royal Mail to enable individuals to register their names and addresses to limit the amount of direct mail they receive. Unsolicited marketing material will not be sent by post to individuals that have informed Lequin Ltd they do not wish to receive such information or they have registered with the MPS.
Lequin Ltd maintains internal logs of individuals and organisations that have indicated that they do not wish to receive unsolicited marketing information and conduct checks against the TPS, CTPS, FPS, eMPS and MPS databases as appropriate.
When data is purchased from third parties for prospecting purposes, Lequin Ltd ensures that the data has been acquired by the third party through fair and lawful means, the data can be used for the purposes of unsolicited marketing activities and that the data has been cross-checked by the third party against the appropriate preference service databases.
 

PECR and cookies
Under the PECR, as from 26 May 2011, businesses must seek consent before any cookie is set on an individual’s computer.
Cookies are small, often encrypted text files, located in browser directories. They are used by companies to help users navigate websites efficiently and perform certain functions. Cookies are also used to keep computer users logged in and their personal details private or for tracking their activity so that companies can improve the website. Cookies can be used by third parties to track information about individuals and spam them with adverts. By themselves, cookies pose no risk since they do not contain viruses.
Session cookies enable the website to track user movement from page to page so that the user does not get asked for the same information again. The most common example of this functionality is the shopping cart feature of an e-commerce website. Session cookies are never written on the hard drive and they do not collect any information from the user's computer. Session cookies expire at the end of the user's browser session.
Persistent cookies are stored on the user's computer and are not deleted when the browser is closed. Such cookies can retain user identities and preferences, allowing those preferences to be used in future browsing sessions.

  
  Lequin Ltd are responsible for ensuring that the website complies with the PECR and that, where necessary, appropriate information is disclosed to website users and consent is obtained from users before cookies are set.
Fair treatment
Fairness generally requires us to be transparent, i.e. clear at outset and open with individuals about why the information is being collected and how it will be used. Assessing whether information is being processed fairly depends partly on how it is obtained. In particular, if anyone is deceived or misled when the information is obtained, then this is unlikely to be fair.
Lequin Ltd aim to ensure that, in all cases, consent and privacy statements will:
! be clear, fair and not misleading;
! explain the consequences of not providing the required information;
! explain how long the information will be kept for;
! explain if the replies to questions are mandatory or voluntary;
! explain if the information will be transferred overseas;
! explain that if the information will be shared, who with and how they will use it;
! explain how customers may be contacted e.g. telephone, email, SMS, post;
! explain customers’ rights – e.g. they can obtain a copy of their personal information;
! explain who to contact if they wish to know more information about how their information is
held or to opt-out of receiving further information or if they need to complain; and
! explain customers’ right to complain to the Information Commissioner’s Office.
Lequin Ltd is responsible for ensuring that the following details are communicated to clients:
1. the identity of the business or if appropriate, its nominated representative;
2. the purpose(s) for which the business intends to process the prospect’s or customer’s personal information and if the information is to be shared or disclosed to other organisations (so that the individual concerned can choose whether or not to enter into a relationship with the
company sharing it);
3. any additional information that will enable the business to process the information fairly; and
4. how customers can access the information held about them (as this may help them to spot
inaccuracies or omissions in their records – see section below on Rights of Data Subjects).
Minimum amount of personal data
Under the principles of GDPR, Lequin Ltd identify the minimum amount of personal data we need so as to properly fulfil our purpose. We ensure that we hold that much information, but nothing further. If we need to hold particular information about certain individuals, we only collect the information for those individuals and nothing more. Lequin Ltd does not hold personal data on the off-chance that it might be useful in the future.
Accurate and kept up-to-date
Lequin Ltd will:
! Take reasonable steps to ensure the accuracy of any personal information they obtain;
! Ensure that the source of any personal information is clear;
! Establish if the individual has challenged the accuracy of the information, this is evaluated and
recorded carefully; and
! Consider whether it is necessary to update the information, particularly if the purpose relies on
the information being current.
Lequin Ltd understands that an expression of an opinion about an individual is classed as their personal information. The record of an opinion (or of the context it is held in) will contain enough information to enable a reader to interpret it correctly. If an opinion is likely to be controversial or very sensitive, or if it will have a significant impact when used or disclosed, Lequin Ltd understands that it is even more important to state the circumstances or the evidence it is based on. Any remarks made in emails or system notes would need to be disclosed if the individual. Therefore, Lequin Ltd ensures that records do not contain anything that might be considered derogatory, or offensive, even though the record is generally for internal use.

Rights of Individuals
The General Data Protection Regulation creates specific rights of individuals. These include: ! The right to be informed
! The right of access
! The right to rectification
! The right to erasure
! The right to restrict processing
! The right to data portability
! The right to object
! Rights in relation to automated decision making and profiling.
Subject Access Requests
An individual has the right to see the information that Lequin Ltd holds about them and can make a request to access this information. Requests must be responded to within 28 days of receipt.
In line with the GDPR, Lequin Ltd will request certain information before responding to a request:
! enough information to judge whether the person making the request is the individual to whom the personal information relates to avoid personal information about one individual being sent to another, accidentally or as a result of deception.
! Sufficient information that would reasonably be required to find the personal information amongst the records held by the company and covered by the request.
In the event of an individual making a subject access request via a third party Lequin Ltd will request written consent from the individual to confirm that the third party can request and receive information on the individual’s behalf.
An individual who makes a request is entitled to be:
! told whether any personal information is held and being used;
! given a description of the personal information, the reasons it is being processed, and whether
it will be shared with any other organisations or individuals;
! given a copy of the information; and
! given details of the source of the information (where this is available).
Requests for information from law enforcement agencies
The General Data Protection Regulation includes exemptions, which allow personal information to be disclosed to law enforcement agencies without the consent of the individual who is the subject of the information, and regardless of the purpose for which the information was originally gathered. Lequin Ltd will release personal information to law enforcement agencies if required to do so.
Shared documents
Lequin Ltd does not have shared cloud access with those we work with.
Data security
Lequin Ltd has appropriate security measures to prevent personal information held being accidentally or deliberately compromised. In particular, Lequin Ltd:
!
! !
!
have designed and organised security to fit the nature of the personal information held and the harm that may result from a security breach;
are clear about everyone’s responsibility for ensuring information security;
make sure that the correct physical and technical security is in place, backed up by robust processes and procedures and reliable, well-trained associates; and
are ready to respond to any breach of security swiftly and effectively.
Lequin Ltd
individuals if their personal information is lost or abused (this is sometimes linked to identity fraud).
recognise that information security breaches may cause real harm and distress to the
Managing and monitoring associates
Lequin Ltd ensures that associates or those acting on their behalf are aware of, trained and comply with regulatory requirements and company policies on data protection and information security matters.

There are controls in place to ensure that those people handling customer or confidential business information are honest and trustworthy and do not disclose information about customers without checking the identity of callers and verifying that they are entitled to the information being requested.
There are controls in place to ensure that only authorised personnel can access, alter, disclose or destroy personal information and only act within the scope of their authority. All paper records containing customer information and commercially sensitive information are stored securely when not in use and desks are cleared at the end of the working day.
 

Outsourcing
Lequin Ltd has procedures in place if we use third parties to process information to ensure that we:
! only choose a data processor that provides sufficient guarantees about its security measures
to protect the information and the processing it will carry out;
! take reasonable steps to check that those security measures are working effectively in
practice; and
! put in place a written contract setting out what the data processor is allowed to do with the
personal information or business information.
Lequin Ltd requires third parties that it works with to ensure that there are adequate security measures in place to secure the information that is being held.
Restrictions on transferring information to non EEA countries
There are no restrictions on moving personal information within EEA countries. As Lequin Ltd uses cloud services, we know that personal information will be held within the EEA. We are open and transparent with our clients and potential clients about where their information is processed and accessed.
Lequin Ltd considers the following factors when deciding whether or not to transfer information overseas:
! the nature of the personal information being transferred;
! how the information will be used and for how long; and
! the laws and practices of the country where information is being transferred to.
We also consider additional factors such as:
! the extent to which the country has adopted data protection standards in its law;
! whether there is a way to make sure the standards are achieved in practice; and
! whether there is an effective procedure for individuals to enforce their rights or get
compensation if things go wrong.
Data loss
If personal information is accidentally lost, altered or destroyed, attempts to recover it will be made promptly to prevent any damage or distress to the individuals concerned. In this regard Lequin Ltd considers the following:
! containment and recovery – the response to the incident includes a recovery plan and, where necessary, procedures for damage limitation.
! assessing the risks – assess any risks and adverse consequences associated with the breach, as these are likely to affect how the breach needs to be contained.
! notification of breaches – informing the Information Commissioner’s Office or other relevant Supervising Authority as necessary (within 72 hours), law enforcement agencies and individuals (whose personal information is affected) about the security breach is an important part of managing the incident.
! evaluation and response – it is important to investigate the causes of the breach, as well as, the effectiveness of controls to prevent future occurrence of similar incidents.
! Additionally, Lequin Ltd would also look to ensure that any weaknesses highlighted by the information breach are rectified as soon as possible to prevent a recurrence of the incident.
  
  Data retention
To comply with information retention best practice, Lequin Ltd establish standard retention periods for different categories of information, keeping in mind any professional rules or regulatory requirements that apply and ensuring that those retention periods are being applied in practice. Any personal information that is no longer required will either be archived or deleted in a secure manner.
Lequin Ltd’s retention periods for different categories of personal information are based on individual business needs.
Lequin Ltd understands the difference between permanently deleting a record and archiving it. If a record is archived or stored offline, it will reduce its availability and the risk of misuse or mistake. If it is appropriate to delete a record from a live system, Lequin Ltd will also delete the record from any back- up of the information on that system, unless there are business reasons to retain back-ups or compensating controls in place.
Secure disposal of records and computer equipment
Once the retention period expires or, if appropriate, the customer or business information is no longer required; paper records should be disposed of in a secure manner. All paper records containing customer or business information are disposed of by shredding. This includes all archived records.
All used computers, printers and any other electronic equipment that may contain or that will have stored customer or corporate information in electronic format must be disposed of in an appropriate manner after the information has been completely wiped off. An external provider will be used to ensure that the memory on the devices is completely clean of information before the item is disposed of.
Monitoring & Reporting
Peter Willis, Director, will monitor the adherence to this policy and report to the other directors any issues or concerns regarding its compliance.
Review
This policy will be reviewed periodically in light of changing business priorities and practices and to take into account any changes in legislation.
 

Add your comment