Use of personal information
We process personal information to enable us to carry out our work as insolvency practitioners which includes processing data that was held by companies/individuals before our appointment together with data collected during an insolvency procedure or a fixed charge receivership. Our legal obligation to process personal data arises from work we are required to carry out under insolvency and other related legislation.
Insolvency practitioners are Data Controllers of personal data in so far as defined by data protection legislation. GBR Corporate Ltd T/A Guardian Business Recovery will act as Data Processor on their instructions about personal data in relation to an insolvency procedure or fixed charge receivership.
Personal data will be kept secure and processed only for matters relating to the insolvency procedure being dealt with.
The data we may process
The personal data insolvency practitioners may process in most cases will be basic details that may identify an individual and will typically be sufficient to allow us to carry out our work as insolvency practitioners, for example, dealing with the claims of individuals who are owed monies by the companies/individuals over whom we have been appointed.
However, insolvency practitioners may be appointed over entities that process personal data that is considered more sensitive, for example health records and this sensitive data will usually have been created before our appointment. Although we will take appropriate steps to safeguard sensitive data (or to destroy it where it is appropriate to do so), subject to limited exceptions, for example, where we identify previous conduct and/or action that requires further investigation, we will not be processing sensitive data.
We may share personal data with third parties where we are under a legal or regulatory duty to do so, or it is necessary for the purposes of undertaking our work as insolvency practitioners. We may also share personal data to lawfully assist the police or other law enforcement agencies with the prevention and detection of crime, where disclosure is necessary to protect the safety or security of any persons and/or otherwise as permitted by the law.
How long will we hold it?
Personal data will be retained for as long as any legislative or regulatory requirement requires us to hold it. Typically, this may be up to 6 years after which it will be destroyed.
What are your rights?
You have the right to receive the information contained in this document about how your personal data may be processed by us.
You also have the right to know that we may be processing your personal data and, in most circumstances, to have information about the personal data of yours that we hold, and you can ask for certain other details such as what purpose we may process your data for and how long we will hold it.
Individuals have the right to request that incorrect or incomplete data is corrected and in certain circumstances, you may request that we erase any personal data on you which may be held or processed as part of our work as insolvency practitioners. If you have any complaints about how we handle your personal data, please contact John Paylor at Guardian Business Recovery, 72 Temple Chambers, Temple Avenue, London EC4Y 0HP (email@example.com) so we can resolve the issue, where possible. You also have the right to lodge a complaint about any use of your information with the Information Commissioners Office (ICO), the UK data protection regulator.