Privacy
Policy

Telstar Green Ltd is a privately-owned company, registered in England and Wales under number 10667809, whose registered office is at The Coach House, Upper Lansdown Mews, Bath, BA1 5HF, trading as HSG (“we”, “us”).

This Policy may be amended or updated from time to time, so please check it regularly for updates. This policy was last updated on 5th July 2023. 

If you have any questions about the personal data we hold about you or how we use it you can contact our Operations Director, Sophie: sophie@hsgadvisory.com.

If you are not satisfied with our response or believe we are not complying with the law when using your personal data, you can contact the Information Commissioner’s Office.

Types of data we collect & store

Most of the personal data we receive is provided to us directly by you for one of the following reasons:

1. Personal details

You may supply us with personal information about you, including but not limited to your name, address, email, job title, organisation and telephone number.

By filling in a contact/enquiry form on our website, you consent to HSG using your details to contact you for such a purpose.

2. Details about your business

You may supply us with details about your business so that we may propose or provide services. This may include personal data about individuals within or connected to your business and by doing so you confirm that you have the right to provide their personal data to us.

3. Research & surveys

We sometimes conduct research on behalf of our clients to better understand a particular audience, sector or market trends. As part of this research, we may contact you to invite you to participate in a discovery call or survey. With regard to surveys, we may also invite respondents to submit their name and contact details so that a representative of HSG can get in touch to ask some follow-up questions. By entering your name and contact details, you consent to a representative of HSG contacting you for such a purpose. 

We may collect and aggregate any data, information and/or opinions you voluntarily provide into a report/paper, to be used and published by our client, but this would always be on an anonymised basis (so that it can no longer be associated with you or your business). We may also use such anonymised data for further research or statistical purposes in which case we may use this information indefinitely without further notice to you.

As well as HSG representatives, we may share your data with: 

  • HSG staff and representatives for the purpose of conducting the survey and creating the report/paper.
  • The client for whom we are conducting the survey. 
  • A third party research agency.

All of whom may contact you with regard to the answers you provide.

4. Records

We also keep records of our communications and interactions with you, for example, email exchanges between us or meeting notes so that we have a record of what might have been agreed or discussed. Such records will be kept for such time as we consider reasonable.

5. Usage data

Usage data is collected automatically when visiting our website.

Usage data may include information such as your device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

We do not track or pass your usage data to third parties but when you access the website by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

We may also collect information that your browser sends whenever you visit our website or when you access the website by or through a mobile device.

Why do we collect your data?

We use your data for the following purposes dependent upon the basis of our relationship with you:

  • To provide you with information and/or services where we believe you will be interested in this.
  • To request information and/or services for the purposes of a contract or prospective contract with you.
  • To aggregate information from a survey we are conducting on behalf of a client where you have taken part in a survey.
  • For the performance of a contract between us or a contract between you and a client.
  • For communications with you related to the contracted services, a specific project or other legitimate business interests.
  • And we reserve the right to pass on this data to a third party in connection with the acquisition of our business.

What will we do with your data?

Your data will be processed for one or more of the reasons referred to above all of which are  legitimate business interests of HSG.

We may share your data with sub-contractors and third-party agents appointed by and who work with HSG to provide our services and/or support our business. Where data is collected by these sub-contractors and third-party agents we expect them to adopt security practices aligned with our own. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

How long will we keep data?

We will not hold your data for any longer than is necessary. 

You can ask us to delete your data. See ‘Your rights’ below for additional  information.

How we hold your personal information

Your data is handled by HSG staff, who are based in the UK. The data we process may be held internally on our own managed systems, externally on cloud-based services or on the systems of third-party partners who process information on our behalf.

We are committed to storing data securely wherever it is held, and ensuring it is only accessible to authorised personnel. Where data is stored on partner systems we expect them to adopt security practices aligned with our own.

Security of your personal information

We limit access to your personal information to those employees, agents, contractors and other third parties on a need to know basis. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

The security of your personal data is extremely important to us, but no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

Your rights

As a data subject, any personal data collected may be subject to certain rights under the GDPR:

1. The right to be informed of how and why we are collecting and/or processing your personal data - that is set out in this policy but we may also inform you of why it is being collected and how it is being processed at the time we receive it.

2. The right of access. If you wish to see what information we hold on you, you may send us what is called a Subject Access Request. We will require documentation to verify your identity and we are required to respond within 30 days of receipt of your request. There is no cost to you in requesting to see your data, but please note that we reserve the right to charge you if you make excessive or inappropriate requests. 

3. The right to rectification. We offer the opportunity to amend any personal data by contacting us using the details below.

4. The right to erasure. If you wish to erase personal data held by us, we can anonymise or de-identify your data. Please contact us using the details below (“How to contact us”). Please make sure you inform us of all email accounts, profiles, names etc that you may have used with us that you wish to erase.

5. The right to complain to the Information Commissioner's Office (the "ICO") if you are not satisfied with the way we use your information. You can contact the ICO by writing to Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Legal compliance

In the event that we are required by law, court order or regulatory authority to disclose certain types of personal data, we reserve the right to comply with any such legally binding request.

How to contact us

If you would like to withdraw any information provided, exercise your rights in regards to any personal data shared, or have any questions, please do not hesitate to contact us by contacting our Operations Director, Sophie: sophie@hsgadvisory.com.

Privacy Notice for recruitment, employees & suppliers

Recruitment & employment

Any information you provide during the recruitment process will be used only for the purpose of progressing your application, or to fulfil legal or regulatory requirements where necessary.

We will not share any of the information you provide during the recruitment process with any third parties. The information you provide will be held securely by us whether in electronic or physical format. It will be used by the hiring managers only.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role that you have applied for in line with the job description and person specification.

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for, but it may affect your application if you don’t.

Application stage

We will ask for your personal details including:

  • Name and contact details.
  • Your previous experience and education.
  • Your referees.
  • Answers to questions relevant to the role you have applied for.

Unsuccessful candidates

If you are unsuccessful following either shortlisting or interview/assessment for the position you have applied for, we will keep your personal data for a period not longer than 2 years from when we last processed your application.

Conditional offer

If we make a conditional offer of employment, we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer.

You may be required to provide:

  • Proof of your identity.
  • Proof of qualifications.
  • Proof of your right to work. 
  • References. We will contact your referees directly, using the details provided  in your application, to obtain references and information on your trustworthiness, integrity and reliability.

If we make a final offer, we will ask you for the following:

  • Bank details – to process salary payments.
  • HMRC starter checklist – to ensure you are placed on the right tax code and any student loan data is captured where applicable.
  • Emergency contact details – so we know who to contact in case of an emergency at work.
  • This information will remain in the HR Department and will be retained as part of your personnel file.

Employee data

As your employer, the company needs to keep and process information about you for employment purposes.

The information we hold and process will be used for our management and administrative use only. It will be kept and used to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately. This will apply during the recruitment process, whilst you are working for us, at the time when your employment ends and after you have left. This includes using information to:

  • Enable us to comply with your employment contract.
  • Enable us to comply with any legal requirements.
  • Pursue the legitimate interests of the company and protect our legal position in the event of legal proceedings.
  • We may also need to use certain information in order to process invoices relating to, for example: a training course, for processing of individual payments, applications for bank, credit and purchasing cards, and to access internally used financial systems.

Much of the information we hold includes:

  • Your application form.
  • References.
  • Your contract of employment and any amendments to it.
  • Correspondence with or about you, for example: letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary.
  • Information needed for payroll, benefits and expenses purposes.
  • Contact and emergency contact details.
  • Records of holiday, sickness and other absence.
  • Information needed for equal opportunities monitoring policy.
  • Records relating to your career history, such as training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.
  • Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay. In addition, we may use this information to monitor and produce (for our own use) reports relating to absence levels across the organisation.

How long we keep your information

Recruitment files: 2 years.

Employee files: We are required to keep any data that relates to PAYE (Pay As You Earn), for a period of 7 years after the end of the tax year from the date of leaving.

Your documents will be held electronically and when required (in line with retention periods), destroyed securely and in line with GDPR compliance.

Please see the “your rights” and “legal compliance” sections below.

Suppliers

Types of personal data we collect & store

We are collecting information about you which is relevant to procuring goods and/or services and making payments. This includes:

  • Personal details (such as name).
  • Contact details (such as your personal telephone number and email address).
  • Confirmation of your identity (such as a copy of your passport).
  • Information about your tax status (such as HMRC records of self-assessment).
  • Financial information (such as bank account details).
  • Complaints information.

Why do we collect your data?

We use your data for the following purposes:

  • For the performance of a contract between us or a contract between you and our client.
  • For communications with you related to the contracted services, a specific project or other legitimate business interests.

If you refuse to provide certain information when requested, we may not be able to fulfil the contract we have entered into with you (such as making payments without your bank information), or we may be prevented from complying with our legal obligations (such as deducting tax if required to do so).

What will we do with your data?

We use the types of personal data which we have listed above for the following purposes:

  • The process of applying for and becoming a supplier.
  • Make payments to you for your services.
  • Complaints (such as gathering evidence in relation to any complaints made by or about you; dealing with legal disputes involving you).
  • Determining your continued supplier status.
  • To comply with our legal obligations, such as to prevent fraud.
  • To profile you on our website. We will not do this without your permission.

We will only share your personal information with third parties where necessary to administer the contractual relationship with you, where required by law or where we have another legitimate interest in doing so. Where data is collected by third-party agents we expect them to adopt security practices aligned with our own. “Third parties” includes third-party service providers (including contractors and designated agents) such as our accountants.

How long we keep your information

We will hold your data for 3 years after a contract termination date. 

You can ask us to delete your data. See ‘Your rights’ below for additional  information.

Security of your personal information

We limit access to your personal information to those employees, agents, contractors and other third parties who have a need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

The security of your personal data is extremely important to us, but no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

Your rights

As a data subject, any personal data collected may be subject to certain rights under the GDPR:

1. The right to be informed of how and why we are collecting and/or processing your personal data - that is set out in this policy but we may also inform you of why it is being collected and how it is being processed at the time we receive it.

2. The right of access. If you wish to see what information we hold on you, you may send us what is called a Subject Access Request. We will require documentation to verify your identity and we are required to respond within 30 days of receipt of your request. There is no cost to you in requesting to see your data, but please note that we reserve the right to charge you if you make excessive or inappropriate requests. 

3. The right to rectification. We offer the opportunity to amend any personal data by contacting us using the details below.

4. The right to erasure. If you wish to erase personal data held by us, we can anonymise or de-identify your data. Please contact us using the details below (“How to contact us”). Please make sure you inform us of all email accounts, profiles, names etc that you may have used with us that you wish to erase.

5. The right to complain to the Information Commissioner's Office (the "ICO") if you are not satisfied with the way we use your information. You can contact the ICO by writing to Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Legal compliance

In the event that we are required by law, court order or regulatory authority to disclose certain types of personal data, we reserve the right to comply with any such legally binding request.

How to contact us

If you would like to withdraw any information provided, exercise your rights in regards to any personal data shared, or have any questions, please do not hesitate to contact us by contacting our Operations Director, Sophie: sophie@hsgadvisory.com.