The guidance and policies you will find on this site apply to data protection activities across all companies, divisions and brands which trade as part of the Assured Group of Companies. These include, but are not limited to:
As part of our continuous focus on information security and data privacy our GDPR compliance is being a managed through programme of activities in the following areas:
Privacy by Design
Integrating data protection, privacy, and security requirements into our products and services as required, in all our business activities. We continually strive to improve what we do and so will evaluate and build better offerings to translate data protection compliance into actions and tangible improvements.
Third Party Management
Ensuring that Assured Group Of Companies’ valued customers and suppliers are best able to meet their obligations with respect to data privacy and establishing transparent arrangements through appropriate information sharing agreements. When we work with new suppliers or with long established strategic partners we look to apply standards that safeguard personal information.
Policies and Procedures
Reviewing standards and processes to define the personal information lifecycle and help ensure data transparency, accuracy, accessibility, completeness, security and consistency. Our Privacy Policy reflecting GDPR requirements sets the context for how we obtain, store and use information relating to our customers and our own people.
Information Security
Reviewing and improving our company wide information security framework, ensuring that incident response process remains effective and that confidentiality, integrity and availability of personal information is assured through appropriate technical and organisational measures
Information Governance
This is about mapping our data and identifying what we have, what we are doing with it, where it is, where it flows, and who has access to it. We classify data based on risk and sensitivity in context. That risk is data-led / person-led allowing us to focus on the outcome and purpose of processing leads to a better and more holistic risk profile and informs the commitment of data privacy that we make to our customers and suppliers.
This is how we protect your data:
1. Obtain
|
2. Hold
|
3. Use
|
4. Delete
|
·
We only use personal
data when necessary and lawful
·
We notify the person
when collecting their data in person or via a 3rd Party
·
We request consent if
required
|
·
We only store personal
data that must be used ongoing throughout the process
·
We secure the Data
with encryption & access control, anonymisation
or obfuscation
·
We keep information up
to date
|
·
We check there is a
lawful purpose
·
We use in line with
consent provided
·
We suspend processing
for individuals data
·
We track which data is
shared with others
|
·
We identify data for
retention
·
We know when retention
periods end
·
We securely delete
data that is no longer needed
|
Further information
As data controllers we are responsible for complying with the relevant requirements under the General Data Protection Regulation (“GDPR”) in respect of the personal data that we hold for legitimate business purposes.
As part of our GDPR company compliance and as required by the regulations, we are updating our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services. As work progresses all relevant parties will be updated with key information including:
· Privacy Policy for our products and services.
· Refinements to our Supplier Agreements and consent mechanisms.
· Mechanisms by which subject access requests can be made in a secure manner.
· Details of Assured Group Of Companies products and processes explaining how we meet our obligations with respect to GDPR and also wider information security requirements.
· A set of FAQs to answer the most common questions about Assured Group Of Companies and GDPR which will also include questions about where we store relevant data.
· Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR. As we complete our preparations and as we introduce new products and services, the information provided here will therefore be updated periodically.
If you require further information relating to Assured Group Of Companies and GDPR, please contact us at this email address: info@assuredgroup.org
Need a quick answer to one of your Assured Group of Companies questions? Here you go:
Is Assured Group Of Companies GDPR Compliant?
Assured Group Of Companies GDPR activities are being led by the Project Team together with external subject experts, technical and legal advisors with practical experience in data protection and wider security aspects
From the viewpoint of our customers, we are confident that the security measures that we already have in place are fit for purpose and we do not expect any significant changes as a result of our GDPR compliance
Assured Group of Companies products and services will operate as usual and we will ensure that our customers benefit from our attention to security and data protection
Assured Group of Companies will keep Customers informed of updates to aspects such as privacy notices that refer to the new regulations, as these become available
There is no accredited third-party certification for GDPR at present. This may change in the future - for example, the European Commission may create a “Data Protection Seal”. Assured Group of Companies will keep watch on developments in this area
Where Does Assured Group Of Companies Store Personal Information?
As part of our GDPR compliance activities and as required by the regulations we are updating our analysis of processing activities as part of our continuous review of how personal information is handled across our business operations, products and services
Assured Group Of Companies is a European organisation and it is important that the personal information of our customers and our own people is handled in accordance with GDPR
Our data protection governance arrangements and privacy mindset ensure that our operations are subject to continuous review to maintain alignment with GDPR as we introduce new products and services
Our Third-party service providers operate under the same regulatory regimes and we select industry standard suppliers to ensure that we can deliver the best products and services
How Can I Request Access To My Personal Information?
We provide secure online self-service access to account information for our customers via the Assured Management System (AMS)
If you need further information additional to that available through our online channels, customers can contact Assured Group of Companies Customer Care who will be pleased to assist with general enquiries
If you have a specific request for personal information from the Assured Group of Companies please contact our Data Protection team on info@assuredgroup.org
Existing legislation and GDPR require organisations to respond to data subject access requests. Assured Group of Companies is already able to do so and has refined their current processes in respect of GDPR. Accordingly, as a matter of compliance we will need to authenticate your identity to ensure that we handle any request securely.
As an Assured Group Of Companies Customer or Supplier, Will Anything Change?
Assured Group of Companies policies are being reviewed and updated to contain wording that aligns with the requirements of GDPR
As relevant policies and procedures are updated for the Assured Group Of Companies’ products and services, users will be notified accordingly
Where users have already consented to receiving material such as the Assured Group Of Companies updates, we provide the ability for users to change or withdraw consent in line with legislative requirements
As part of the service and products we provide, the Company will continue to review the business purpose for using personal information and as such there may be future changes to relevant policies and procedures, including consent issues.
Will the Assured Group Of Companies Customers Need a Data Processing Agreement?
Assured Group of Companies policies have been updated to align with the requirements of GDPR and this should be sufficient for many of our customers.
A commercial customer may require a Data Processing Agreement/Addendum to help demonstrate it is meeting its obligations with respect to GDPR. In such cases, Assured Group of Companies will provide a suitable template populated with the necessary details.
Who / where do I go to if I have any other queries about Data Protection at the Assured Group of Companies?
Depending on the nature of the query, this will be responded to by the appropriate Data Champion in respect of customer, supplier or employee issues.
Assured Group is the UK’s largest privately owned vehicle preparation company, serving all sectors of the automotive industry. As a group it provides a range of services provided through its’ various Limited companies.
This report is focussed solely on Assured Group Ltd, which is the largest company in the UK specialising in vehicle preparation services.
Assured Group’s Equal Opportunities Policy, states:
The Company is an equal opportunity employer and is committed to a policy of treating all its employees and job applicants equally. The Company will avoid unlawful discrimination in all aspects of employment including recruitment and selection, promotion, transfer, opportunities for training, pay and benefits, other terms of employment, discipline, selection for redundancy and dismissal.
In accordance with Gender Pay Gap legislation, the company reported its’ data for 5 April 2017 and 2018, based on the following headcount:
The data reported on https://gender-pay-gap.service.gov.uk is as follows:
Difference in Mean hourly rate of pay: 20.28, a decrease from 22.2% in 2017
Difference in Median hourly rate of pay: 14.13%, an increase from 13.1%
Difference in Mean bonus pay: 61.63, a decrease from 68.2%
Difference in Median bonus pay: There is now no difference between males and females 0% -100%
Percentage of employees who receive bonus pay
Male: 27.38% increase from 24.3
Female: 19.64% decreased from 23%
Employees by pay quartile | Male | Female |
---|---|---|
Upper quartile | 2017 - 90%, 2018 - 94% | 2017 - 10%, 2018 - 6% |
Upper middle quartile | 2017 - 95%, 2018 - 89% | 2017 - 5%, 2018 - 11% |
Lower middle quartile | 2017 - 84%, 2018 - 80% | 2017 - 16%, 2018 - 20% |
Lower quarter | 2017 - 82%, 2018 - 81% | 2017 - 18%, 2018 - 19% |
Conclusions:
In common with most of this industry sector a very high proportion of Assured Group’s employees are male, at 88% of its total headcount.
Having analysed the figures behind the top level data, Assured Group is satisfied that the data reflects the proportion of male vs female employees in the business.
We would also factor in that Assured Group is one of only a few companies in our industry that is privately owned and financed. As such, the top level information provided includes the pay data of the company’s 4 shareholders, which naturally affects the overall figures.
Not all sectors of the business are predominantly male, however. Interestingly the median difference in bonus pay at -100% differential to Males, reflects on our Sales team, which is mainly female and it is the percentage of performance earned bonus which affects the figures in this instance.
Finally, as a business Assured Group Ltd remains committed to continuing to uphold the principles of its Equal Opportunities Policy and assessing where it can positively promote the rights and interests of a very diverse range of employees in all aspects of their work.
Our Data Protection Policy sets out how we action the protection of business and personal data for our Customers, Employees and Suppliers.
Click here to download our Data Protection PolicyThe Assured Group of Companies are committed to protecting and respecting the privacy of the data we use for our business. Our Privacy Policy sets out the basis on which any personal data which is collected by, or provided to us, will be processed.
Click here to download our Privacy PolicyThis Data Privacy Notice for Suppliers sets out the basis on which any personal data we collect or are provided with from suppliers (including contractors and sub-contractors), is processed by us.
Click here to download our Data Privacy Notice for SuppliersOur Website Terms of Use explains the basis on which you may access, browse, or register on our site. We ask all our website users to read these terms carefully before using www.assuredgroup.org
Click here to download our Website Terms of UseOur Acceptable Use Policy sets out the permitted and prohibited uses of this website.
Click here to download our Acceptable Terms of Use PolicyIn our Cookie Policy we explain about the types of Cookie the website produces and what these are used for.
Click here to download our Cookie Policy