1 Who we are
1.2 For the purpose of the General Data Protection Regulation 2016 (“the GDPR”, as may be amended from time to time) STV International Ltd. is a Data Controller. In this Policy references to “we”, “us” or “our” refer to STV International Ltd.
1.3 Our Company is incorporated in England with company number 2925277 and a registered office at Forge House, Little Cressingham, Thetford, Norfolk, IP25 6ND.
1.4 We are committed to protecting and respecting your privacy. The purpose of this Policy to explain how we collect, use and secure personal information collected on our network of websites or directly supplied by you.
2 Key Definitions
2.1 Personally Identifiable Information (“PII”) means any information relating to an identified or identifiable natural person, including an individual’s name, contact information, professional title, and employer. For the purposes of the GDPR, an individual’s internet protocol address (“IP address”) may be considered PII.
2.2 Tracking Technologies means cookies, web beacons, serving tracking technologies or other technology solutions performing similar functions. These technologies may include first party cookies (cookies referencing the domain of the website being visited) and third-party cookies (cookies referencing a domain other than the one of the website being visited) those placed by a website other than the one being visited), local shared objects (commonly referred to as “Flash Cookies”), HTML 5 Cookies and tracking pixels (including transparent or clear gifs).
2.3 User or you mean any individual who views or interacts with the Websites, whether or not they are a Customer or a Potential Customer.
3 What Information do we collect and how is it collected?
3.1 Personally Identifiable Information (PII)
Should you contact us via one of our locations, we will collect and process PII limited to information necessary to achieve one or more legitimate business purpose as described in this Policy. PII may include:
Except where you provide your PII to us in accordance with the above, we will not collect or store it without first asking you for it.
3.2 Information that we acquire indirectly
One of the ways in which we collect this information is through Tracking Technologies such as cookies. Cookies are small text files containing information that is stored on your device. They help us to improve our site and to deliver a better and more personalised service. They enable us to:
The cookies used by our site and their purpose are identified and described below.
Most web browsers allow users to exercise control over which cookies are processed through adjustments to the settings built into them. For information on changing these settings, please look for a “help” function in the browser or contact the browser provider. However, you may not be able to use all the interactive features of our site if cookies are disabled.
3.4 Other Information
Our site may from time to time contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
4 How is your Information used?
4.1 We use the information that we collect about you to:
4.2 We may analyse information collected from you indirectly to:
5 Why do we collect your Information?
We collect information about you in order to improve our business relationship with you and to offer you opportunities to obtain our products and services relevant to your business interests. Collecting this information helps us tailor our products and services to you and therefore communicate with you more effectively. We are aware that many of our Customers make use of a range of media channels so we may also provide a mechanism through which you can express preferences about how you want us to communicate with you. Finally, collecting your information makes it possible to operate our business more effectively.
6 What is the Legal Basis for the Processing of PII?
6.1 Depending on the nature of the relationship and the purpose in each case, we rely upon consent, contract and legitimate business interests for processing PII. For example, we may process PII with a User’s consent when they agree that we may place cookies on their devices, or that we can process information that they enter into a form on one of our sites.
6.2 It is in our interest as a business to enhance the services that we provide which may include processing your information to enable us to:
6.3 We may also process PII when it is in our or a Users’ legitimate interests to do so and when these interests are not overridden by an individual’s data protection rights. These legitimate interests include providing services to enable us to provide Users of our sites with more relevant content.
7 Who do we share your Information with?
7.1 We may disclose your PII to any company in our group, which means our subsidiaries or our ultimate holding company and its subsidiaries, as defined in Section 1159 of the UK Companies Act 2006 (as amended).
7.2 We only share your PII with third parties:
8 Data Retention
8.1 We will retain the PII that you provide while you remain a Customer of ours or as needed to provide you with products and services.
8.2 We will never retain PII about you for longer than is necessary to fulfil the purpose for which it was originally collected.
8.4 If you would like more information about how long we retain your information please email email@example.com.
9 How do we Store and Secure Your Information?
9.1 We take the security of the data that we collect very seriously. We have implemented technical, organisational and administrative measures which are generally accepted to protect the PII in our possession and of the third parties who act on our behalf.
9.2 By providing your PII you agree to us storing or processing it. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Policy.
9.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your PII, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
10 Access to Information, Opting Out and Your Privacy Rights
10.1 You have the right to access, rectify, erase, restrict, transfer, or object to the use of your information. If you wish to exercise any of these rights or have questions regarding this policy or how we use your information, please contact us at firstname.lastname@example.org.
10.2 You may change or update the information that we hold about you at any time and as often as necessary. In the first instance, you should submit a request for a copy of your information in our possession by sending an email to email@example.com. We will respond to all such requests without undue delay, and in accordance with the provisions of the GDPR.
10.3 If you do not believe that we have responded to your complaint appropriately or in a timely manner, you may contact us at firstname.lastname@example.org or the Information Commissioner’s Office.
11.1 STV International Ltd. reserve the right to modify or amend this Policy from time to time. We will not reduce your rights under this Policy without your consent. If we change our Policy, we will post those changes on this page in addition to updating the “Last Updated” date at the bottom of this Policy. For these reasons, we encourage you to read this Policy regularly.
11.2 Your continued use of the Website or accessing Content posted on the Website shall constitute your acceptance of the modified Policy. If there will be any changes made to the use of your PII in a manner materially different from that stated at the time of collection, we will notify you by posting a notice on our site. If you object to any of the changes, or the overall Policy, please contact us via email@example.com.
Carried out by: Will Hinks – Managing Director
Date of assessment: 15-05-2020
Next review date: 15-08-2020
What are we already doing to control the risks?
Objective: That everyone should work from home unless they cannot work from home
We have considered who is essential to be on site. Those who are not are working from home.
We have planned the minimum number of people needed on site to operate safely and effectively. We review staffing requirements on a weekly basis and reduce or increase numbers accordingly.
We have provided equipment to allow staff to work from home where this is necessary.
Objective: To protect clinically vulnerable and clinically extremely vulnerable individuals
All staff including those furloughed have access to welfare services provided by Healthshield. This includes help for mental health issues
We have taken into account any information provided to us by staff with regard to their or their household members who may be clinically vulnerable in assessing whether they should or should not work form home.
Objective: To make sure individuals who are advised to stay at home under existing government guidelines do not physically come to work.
We have enabled workers needing to self isolate to work from home.
Objective: To treat everyone in the workplace equally.
We understand and have taken into account the particular circumstances of those with different protected characteristics
We have made sure that the needs of staff with caring responsibilities have been taken into account
We have considered whether we need to put in place and particular measures to take account of our duties under equalities legislation
Objective: To maintain social distancing where possible, on arrival and departure and to ensure handwashing on arrival.
We have provided additional toilet and hand washing facilities and hand sanitising facilities throughout the site
We require staff to wash or sanitise their hands before starting work and after every break
We limit the number of staff in company vehicles when travelling between company sites
Objective: To maintain social distancing wherever possible while people travel through the workplace.
We keep in touch with staff working from home through regular video conference meetings. All staff including those furloughed have access to welfare services provided by Healthshield. This includes help for mental health issues. We have provided all staff including those furloughed with information to help them understand the position of our business.
We have restricted access to parts of the site for certain groups of staff
We have increased the number of and segregated toilet and hand washing facilities to reduce the numbers of people using each facility
Objective: To maintain social distancing between individuals when they are at their workstations
We have reviewed departmental layouts, set-ups and processes in order to maintain a minimum of 2m distance where we can
We have arranged workstations so that people are not directly facing each other where we cannot maintain 2m distance
We have installed screens to provide separation of staff where we cannot maintain 2m distance
We have consistent groups of people working together in order to reduce social contact within the workplace
Objective: To reduce transmission due to face-to-face meetings and maintain social distancing in meetings
We have introduced video conference facilities which are used for both internal and external meetings to reduce face to face meetings
The number of people in meeting rooms is reduced to maintain 2m distance
Objective: To maintain social distancing whilst using common areas
We have staggered break times to reduce pressure on break rooms and places to eat We have outside areas where people can take breaks
We have reconfigured seating in rest areas to maintain spacing
We have introduced addition toilet and handwashing facilities and segregated their use.
Objective: To prioritise safety during incidents
We have briefed people involved in the provision of assistance to others to pay particular attention to sanitation measures immediately afterwards, including washing hands
Objective: To minimise the number of unnecessary visits to the site
We do not allow unscheduled visits to the site other than for delivery services
We have cancelled all customer visits
Maintenance work has been scheduled for weekends to avoid staff contact
We have provided signage for delivery drivers to direct them to maintain social distancing, including a ban on the use of our facilities on site
Objective: To make sure people understand what they need to do to maintain safety
We have briefed staff on sanitation, self-isolation and distancing requirements.
We have put signage in place which highlights our safety requirements
Objective: To keep the workplace clean and prevent transmission by touching contaminated surfaces
We have increased the frequency with which our facilities are cleaned from once to twice a day, with particular focus on touch surfaces such as handles
Objective: To help everyone keep good hand hygiene through the working day
We have put up posters showing good technique
We have increased the number of hand washing facilities and provided hand sanitiser at locations throughout the site
We have increased the frequency of rubbish collection
We provide paper towels
Objective: To reduce transmission through contact with objects that come into the workplace
We have provided facilities to clean pieces of equipment which are in common use, for example pallet trucks and fork lifts
We have briefed staff to follow cleaning procedures for this equipment
We have increased hand washing and hand sanitising facilities
We do not require the use of face coverings, but provide these to staff on request Where face coverings are used they are changed when necessary, but at least daily.
The table below lists the cookies we collect and what information they store.
|Cookie Name||Cookie Description|
|FORM_KEY||Stores randomly generated key used to prevent forged requests.|
|PHPSESSID||Your session ID on the server.|
|GUEST-VIEW||Allows guests to view and edit their orders.|
|PERSISTENT_SHOPPING_CART||A link to information about your cart and viewing history, if you have asked for this.|
|STF||Information on products you have emailed to friends.|
|STORE||The store view or language you have selected.|
|MAGE-CACHE-SESSID||Facilitates caching of content on the browser to make pages load faster.|
|MAGE-CACHE-STORAGE||Facilitates caching of content on the browser to make pages load faster.|
|MAGE-CACHE-STORAGE-SECTION-INVALIDATION||Facilitates caching of content on the browser to make pages load faster.|
|MAGE-CACHE-TIMEOUT||Facilitates caching of content on the browser to make pages load faster.|
|SECTION-DATA-IDS||Facilitates caching of content on the browser to make pages load faster.|
|PRIVATE_CONTENT_VERSION||Facilitates caching of content on the browser to make pages load faster.|
|X-MAGENTO-VARY||Facilitates caching of content on the server to make pages load faster.|
|MAGE-TRANSLATION-FILE-VERSION||Facilitates translation of content to other languages.|
|MAGE-TRANSLATION-STORAGE||Facilitates translation of content to other languages.|
Aims of this policy
This policy supports our commitment to limiting the risk of modern slavery occurring within our own business or infiltrating our supply chains or any other business relationship.
The policy applies to all persons working for or on our behalf in any capacity, including employees, directors, officers, agency workers, contractors, consultants, and any other third party representative.
We expect all who have or seek to have a business relationship with the company to familiarise themselves with this policy and to act at all times in a way that is consistent with its values.
We will only do business with organisations who fully comply with this policy or those who are taking verifiable steps towards compliance.
What do we mean by modern slavery?
Modern slavery can take many forms. It is a complex and multi-faceted problem. The Modern Slavery Act 2015 (MSA) covers four key criminal activities:
Slavery: where ownership is exercised over an individual
Servitude: involves the obligation to provide service imposed by coercion
Forced and compulsory labour: all work or service, not voluntarily performed, which is obtained from an individual under the threat of force or penalty.
Human trafficking: involves arranging or facilitating the travel of another with a view to exploiting them
Other forms of modern slavery, which we will not tolerate, but are not specifically referenced in the MSA include, but are not limited to:
Child labour: whilst not always illegal in the jurisdiction in which it takes places, child labour involves the employment of children that is exploitative, or is likely to be hazardous to, or interfere with, a child’s education, health (including mental health), physical wellbeing or social development].
All forms of modern slavery have in common the deprivation of a person’s liberty by another in order to exploit them for commercial or personal gain and amount to a violation of an individual’s fundamental human rights.
Tackling modern slavery requires us all to play a part and remain vigilant to the risk in all aspect of our business and business relationships.
How we seek to embed our anti-slavery policy in practice
To underpin our policy commitments, we have implemented the following measures over the course of the financial year:
We have conducted risk assessments to determine which parts of our own business and which of our supply chains are most at risk from modern slavery so we can focus our efforts on those areas most ‘at risk’.
Where appropriate, as informed by our risk assessments, we will undertake pre-screening of prospective suppliers in relation to the effectiveness of their existing safeguarding controls and practices including, but not limited to those in relation to preventing modern slavery occurring within their organisation and within their own first tier supply chain.
- Our contractual documentation [includes/will incorporate] specific prohibition against slavery or servitude, the use of forced, compulsory or trafficked labour and the use of child labour in line with this policy. We will also make provision for our contracted suppliers to hold their own suppliers to the same standards. We also reserve the right to terminate any contractual arrangement if there is breach of this policy.
Responsibility for this policy
The board of directors has overall responsibility for this policy and in ensuring that the Company complies with all its legal [and ethical] obligations.
Department Managers will have the primary day-to-day responsibility for the implementation of this policy, monitoring its use and ensuring that the appropriate processes and control systems are in place, and amended as appropriate, to ensure it can operate effectively.
All Department Managers are responsible for ensuring that those reporting directly to them comply with the provisions of this policy in the day to day performance of their roles.
Communication and employee awareness training
Department Managers will ensure that relevant staff receive adequate training on this policy and any supporting processes applicable to their role.
In addition staff will receive training on the broader issues of modern slavery so as to assist them in appreciating the extent of the problem of modern slavery and the identify individuals/areas of the business that may be at risk from practices of modern slavery.