Privacy Policy

This document can be made available in other formats, on request and this is version number 1A. This document was originally published on 1st May 2018 and should you have any questions regarding it, you should write to us, for the attention of our Data Protection Officer. This notice has been approved by the Directors of the business.

Background

This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all products and services, and instances where we collect your personal data.

This privacy notice applies to personal information processed by or on behalf of Green Lantern

1. Who are we and how do you contact us and our Data Protection Officer?
2. What kinds of personal information about you do we process?
3. What is the source of your personal information?
4. What do we use your personal data for
5. What are the legal grounds for our processing of your personal information?
6. When do we share your personal information with other organisations?
7. How and when can you withdraw your consent?
8. Is your personal information transferred outside the UK or the EEA?
9. What should you do if your personal information changes?
10. Do you have to provide your personal information to us?
11. Do we do any monitoring involving processing of your personal information?
12. What about other automated decision making?
13. For how long is your personal information retained by us?
14. What are your rights under data protection laws?
15. Your right to object
16. What are your marketing preferences and what do they mean?

Changes to this privacy notice

We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for changes whenever you visit our website.

1. Green Lantern and our Data Protection Officer

We’re Green Lantern. We are a data controller of your personal data. Green lantern is a UK Umbrella Company providing employment and payment services to temporary contractors working within the UK.
We have a dedicated Data Protection Officer (“DPO”). You can contact the DPO using the details below or by writing to the above address, marking it for the attention of the DPO or going to the ‘Contact Us’ section of our website.

2. What kinds of personal information about you do we process?

Personal information that we’ll process in connection with all of our products and services, if relevant, includes:

  • Personal and contact details, such as title, full name, contact details and contact details history
  • Your date of birth, and/or age
  • Your residency and/or citizenship status, if relevant, such as your nationality, your length of residency in the UK and/or whether you have the right to reside and work in UK
  • Identity documents, your formal ID and entitlement to work in the UK documents
  • Records of your contact with us such as via the phone number of our customer service department and, if you get in touch with us online using our website contact us facility
  • Records of your employment, such as timesheets and payments that we have processed for you during your
    employment
  • Records of pension contributions, any contributions that we have processed for you during your employment with us
  • Records of sickness, any statutory sick claims that we have processed for you including any medical certificates that you have submitted to us
  • Records of your expenses, details of any expense claims that you have made during your employment with us
  • Holiday records, details of your holiday allowance, amount taken and remaining and holiday pay paid
  • Employment history records, such as your CV where appropriate
  • Tax information, if relevant (for example, relating to your employment with us)

3. What is the source of your personal information?

We’ll collect personal information from the following general sources:

  • From you directly
  • From your recruitment agency to inform you of the services that we provide
  • From an introducer or other intermediary (for example, a marketing agency) who we work with to provide products or services or quote to you
  • Green Lantern Group companies if you have already used a service with them, have applied for one or have used one previously
  • Business partners such as business introducers
  • From other sources such as social media, internet, news articles

4. What do we use your personal data for?

We use your personal data, including any of the personal data listed in section 2 above, for the following purposes:

  • Assessing an application for products or services, including considering whether or not to offer you the products or services, the price, the risk of doing so
  • Managing products or services relating to those products or services, or application for one
  • Updating your records
  • Managing any aspect of the products or services
  • To perform and/or test the performance of our products or services and internal processes
  • To improve the operation of our business and that of our business partners
  • To follow guidance and best practice under the change to rules of governmental and regulatory bodies
  • For management and auditing of our business operations including accounting
  • To monitor and to keep records of our communications with you and our staff (see below)
  • To administer our good governance requirements, such as internal reporting and compliance obligations
  • For market research and analysis and developing statistics
  • For direct marketing communications to help us to offer you relevant products and services. We may send marketing to you by SMS, email, phone, post, social media and digital channels (for example, using Facebook, Twitter and LinkedIn Offers may relate to our services, employee benefit packages, as well as to any other offers and advice we think may be of interest
  • To develop new products and services and to review and improve current products and services
  • To comply with legal and regulatory obligations, requirements and guidance
  • To provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
  • To share information, as needed, with business partners (for example, employee benefit providers), or as part of providing and administering our products and services or operating our business
  • To facilitate the sale of one or more parts of our business

5. What are the legal grounds for our processing of your personal information?

We rely on the following legal bases to use your personal data:

  1. Where it is needed to provide you with our products or services, such as:
    • Assessing an application for a product or service you hold with us, including consider whether or not to offer you the product, the price, the payment methods available and the conditions to attach
    • Managing products and services you hold with us, or an application for one
    • Updating your records, to contact you about your account (where appropriate)
    • Sharing your personal information with business partners and services providers when you apply for a product to help manage your products and services
    • All stages and activities relevant to managing the product or service including enquiry, application, administration and management of accounts, illustrations, requests for transfers, setting up/changing/removing recruitment agencies or end clients
  2. Where it is in our legitimate interests to do so, such as:
    • Managing your products and services relating to that, updating your records to contact you about your account (where appropriate)
    • To perform and/or test the performance of, our products, services and internal processes
    • To follow guidance and recommended best practice of government and regulatory bodies
    • For management and audit of our business operations including accounting
    • To carry out monitoring and to keep records of our communications with you and our staff (see below)
    • To administer our good governance requirements, such as internal reporting and compliance obligations
    • For market research and analysis and developing statistics
    • For direct marketing communications to help us to offer you relevant products and services. We may send marketing to you by SMS, email, phone, post, social media and digital channels (for example, using Facebook, Twitter and LinkedIn Offers may relate to our services, employee benefit packages, as well as to any other offers and advice we think may be of interest
    • Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
    • Where we need to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations
  3. To comply with our legal obligations
    • Where we need to share your personal information with people or organisations in order to comply with any legal and/or regulatory obligations
  4. With your consent or explicit consent:
    • For some direct marketing communications

6. When do we share your personal information with other organisations?

We may share information with the following third parties for the purposes listed above:

  • Green Lantern Group companies and service providers
  • Business partners (for example, employee benefit providers or pension providers), or others who are a part of providing your products and services or operating our business
  • Governmental and regulatory bodies such as HMRC, the Information Commissioner’s Office
  • Other organisations and businesses who provide services to us such as, back up and server hosting providers and IT software and maintenance providers

7. How and when can you withdraw your consent?

Where we’re relying upon your consent to process personal data, you can withdraw this at any time by contacting us using the details below.

8. Is your personal information transferred outside the UK or the EEA?

We’re based wholly in the UK and will never directly transfer your personal information outside the European Economic Area, however some of our business partners such as employee benefit providers may transfer your personal information outside the European Economic Area, you should check the details of their privacy statements prior to commencing using their services. We’ll make sure that suitable contractual agreements are in place with all of our business partners, to ensure that they are fully compliant with their data protection obligations.

9. What should you do if your personal information changes?

You should tell us so that we can update our records using the details in the Contact Us section of our website, or by contacting us in writing by post or email. We’ll then update your records if we can.

10. Do you have to provide your personal information to us?

We’re unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we’ll make this clear.

11. Do we do any monitoring involving processing of your personal information?

In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.

We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.

12. What about other automated decision making?
We do not undertake any automated decision making, all decisions are made by an appropriate member of staff.

13. For how long is your personal information retained by us?

Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:

  • For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
  • For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
  • Retention periods in line with legal and regulatory requirements or guidance

14. What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we’ll explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018.

  • The right to be informed about the processing of your personal information
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • The right to object to processing of your personal information
  • The right to restrict processing of your personal information
  • The right to have your personal information erased (the “right to be forgotten”)
  • The right to request access to your personal information and to obtain information about how we process it
  • The right to move, copy or transfer your personal information (“data portability”)
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you

You have the right to complain to the Information Commissioner’s Office, which enforces data protection laws: https://ico.org.uk/. You can contact us using the details below.

15. Your right to object

You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by going to the Contact Us section of our website to exercise these rights, or in writing by email or post.

16. What are your marketing preferences and what do they mean?

We may use your home address, phone numbers, email address and social media or digital channels (for example, Facebook, Twitter, LinkedIn and message facilities in other platforms) to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details below or by following the instructions in the communication. If you have not provided any marketing preferences, we will not send you marketing communications.

Contact Us

If you have any questions about this privacy notice, or if you wish to exercise your rights or contact the DPO, you can contact us by going to the Contact Us section of our website. Alternatively, you can write to Green Lantern at 107 Fleet St, London EC4A 2AB, marking it for the attention of the DPO.