ABP UK respects your privacy and is committed to doing the right thing when it comes to how we collect, use, and protect your data. That is why we have developed this privacy notice which will inform you as to what we do with your personal data and how we look after it, sets out your privacy rights, and explains how the law protects you.
The privacy notice will go over the following areas:
- Who we are and how to contact us.
- The personal data we collect.
- How we use this data.
- Our legal basis for processing your data.
- When we share personal data.
- Where we store and process your data.
- How we keep your data secure.
- How long we retain your data.
- Your rights in relation to personal data.
We encourage you to read this privacy notice carefully, and should you have any questions or concerns please contact us using the details provided in the Our Contact Details section below.
Our Contact Details
ABP UK is the data controller and is responsible for your personal data (referred to in this notice as “we”, “us” or “our”). This notice applies only to data controlled by us, and does not cover our parent company ABP Food Group or any of our sister divisions (ABP Ireland & Poland, C&D Foods, Olleco) within the Group. Please visit the websites of these divisions to read their respective privacy notices.
We have a number of individuals within our business who have received training and certifications in the GDPR (General Data Protection Regulation) and are responsible for overseeing the use and protection of personal data. Should you have any questions or would like to make a request to exercise your legal rights, please contact us using the following details.
Full name: Anglo Beef Processors UK (company number 02925718)
Postal address: ABP UK, 6290 Bishops Court, Solihull Parkway, Birmingham Business Park, Birmingham, B37 7YB
Please mark any envelopes with “FAO: Data Protection” to make sure they are promptly received by
the correct people.
You have the right to make a complaint to the ICO (Information Commissioner’s Office) at any time. The ICO are the UK supervisory authority on data protection, their website can be found here: www.ico.org.uk. However, we would appreciate the chance to deal with any concerns you may have, so we ask that you please contact us in the first instance using the details above.
Personal Data We Collect
Your personal data is any information that could be used to identify you. It does not include any data where the identifying information has been removed; this is known as anonymous data. We may collect, use, store, and transfer various types of personal data which we have grouped into the following categories:
- Identity Data: First name, surname, title, username or other identifier.
- Contact Data: Billing/postal address, email, phone number, social media account.
- Financial Data: Bank account details.
- Farm Data: Address, name, herd/flock number, holding number.
- Technical Data: Login data, IP address, browser type, mobile device identifiers, device make,device model, device operating system.
- Profile Data: Username and password.
- Usage Data: How websites are used, how you found the website, etc.
- Image Data: CCTV images/video, facial images.
- Health Data: Any symptoms or illnesses within a recent given timeframe.
When collecting more sensitive data, such as Health data, we carry out assessments to make sure this will not adversely affect you and make sure that it is absolutely necessary for us to collect this.
How We Collect Personal Data
We collect your personal data through various methods depending on the circumstances.
- When you fill in a Contact Us form on any of our websites or contact us through social media or other online services, we collect your Identity and Contact data directly from you as requested on the form or other method through which you have contacted us.
- When you complete a job application via our online careers portal, we collect your Identity and Contact data directly from you as requested in the job application form.
- When you visit one of our sites in person, we collect your Identity and Health data directly from you when you fill in one of our mandatory visitor forms. Image data is collected from CCTV cameras located around our sites, and a photo of you may also be taken of you to go on your site visitor pass.
- When you browse one of our websites, we collect your Technical and Usage data via our usage of Cookies and Google Analytics.
- Where it is reasonable to do so we may collect Personal Data from publicly available sources such as internet searches, companies house, and broadcast media.
- We may also collect Personal Data shared to us from other livestock buyers, our customers, government bodies, and accreditation schemes.
How We Use Personal Data and Our Legal Basis
We must have a lawful basis to collect and use personal data; the lawful bases are set out in the UK GDPR. Here we will explain how your personal data is used and what our lawful basis is for using it in this way.
Why We Use Personal Data
Type Of Personal Data
Process a job application you have made to us
Identity & Contact data
Legitimate interest: This helps us evaluate the best fit for a position we require filling within our organisation.
Make our online services available to you
Identity, Contact, Profile & Farm data
Legitimate interest: This helps provide an efficient online experience for our customers, suppliers, and website visitors, improving our current relationships and helping to foster new ones.
Discover how you found our websites, what interests you, how you access them, etc
Technical & Usage data
Legitimate interest: This helps us to keep our websites relevant and up to date with what our visitors are looking for and allows us to see what improvements we can make.
To contact and interact with you
Legitimate interest: Responding to any initial contact or keeping in contact will help us to foster a relationship with you that will be beneficial to both parties, be it to supply livestock to us or applying for a vacancy we are advertising.
Monitor who enters our sites
Identity, Contact, Image & Health data
Legal compliance: We need to know if people who enter our sites have had any interaction with livestock to comply with UK legislation.
Sharing Personal Data
We may share your personal data with service providers and other organisations as appropriate. Where a service provider is carrying out a function using personal data on our behalf, we make sure to have appropriate contracts in place detailing that provider’s responsibilities regarding the data being shared with them. We carefully vet all our service providers to make sure they have appropriate technical and organisational measures in place to safeguard personal data.
Personal data may also be shared with our sister divisions within ABP Food Group as well as to other third-party organisations for certain reasons, including:
- The law or a public authority requiring us to share the data.
- If we need to share personal data to establish, exercise or defend our legal rights.
- To an organisation we sell or transfer (or enter into negotiations to sell or transfer) any of ourbusinesses or any of our rights or obligations under any agreement we may have with you to.
- To third parties you ask or permit us to share your data with.
- To organisations which introduce you to us.
Data shared to any of our sister divisions will be protected in the same manner as when it is being processed by us.
We may transfer data outside of the UK, however we will always make sure one of the following safeguards is in place:
- The organisation to which we are sharing data resides in a country deemed to have passed an adequacy decision by the EU Commission; these decisions remain valid as of 31 December 2020, though the UK intend to review these decisions over time.
- We have specific contracts in place with the recipient organisation that have been approved by the ICO, meaning the data is still effectively protected by the GDPR even if the country in which that organisation resides is not in the European Economic Area or has not passed an adequacy decision.
How We Secure Personal Data
We use computer safeguards such as firewalls and data encryption, and we enforce physical access controls to our buildings and files to keep this data safe. We only authorise access to employees who need it to carry out their job responsibilities. Data entered in any of our websites is protected using HTTPS while being transmitted.We enforce physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of data. Physical documentation is stored in locked and secure cabinets, while electronic data is stored on secure servers to which only the required employees have access. All servers that store electronic data are backed up and transmitted off-site in an encrypted state.
How Long We Retain Personal Data
We will keep your data the minimum length of time required to comply with the purposes set out in this policy and relevant legal obligations. In certain cases your data may be kept longer than what is necessary to comply with the purpose stated if there is a legal requirement for us to do so.
In some circumstances you can request for any personal data we hold about you deleted, as detailed in the Your Rights section below. In this case we will remove the data within one month and confirm this with you.
We may anonymise your personal data for research or statistical purposes; in these cases the data can no longer be traced back to you, so we are allowed to keep it indefinitely.
You have certain rights regarding your data under the UK Data Protection laws and are free to exercise these at any time. You have the right to:
- Request access to any personal data we hold about you.
- Request corrections to any of your personal data.
- Request deletion of any of your personal data.
- Withdraw your consent for us to process your personal data.
- Request the restriction of processing your personal data.
- Request the transfer of your personal data.
- Object to the processing of your personal data.
- Make a complaint to the ICO about our processing of your personal data.
Should you wish to exercise any of your rights, please contact us via any of the methods laid out in the Our Contact Details section. We will not charge you a fee should you request access to your data or exercise any of your other rights, however we may refuse to comply if your request is clearly unfounded, repetitive, or excessive.
By law we must respond to all requests within one month and we try to do this in most cases, however we may take longer if your request is particularly complex or if there are several requests made.
We may request identification documents from you to confirm your identity and ensure someone else is not trying to access your personal data. If you are making a request through a third-party, we ask for a letter of authority from you authorising that party to receive your data. We may also contact you to ask for further details of your request to make sure we are able to respond on time.
Some automated decision making may be undertaken when a job application is made to see if the application fits in with any of our available positions. This means that your application may not be seen by a member of our HR teams until it after it has been selected for a position or that you may not be contacted regarding the position you originally applied for.
To This Privacy Notice
To Your Data
It is important that personal data we hold about you is up-to-date and accurate. We therefore ask that you please keep us informed of any changes to your personal data during your relationship with us using the details supplied in the Our Contact Details section.
Please note that any third-party websites that may be linked to this or any of our other websites are not controlled by us and we are not responsible for their use of your personal data. We encourage you to read the privacy notices of every website you visit once you leave our website.