How We Use Your Information
This privacy notice tells you what to expect when CSM Logistics Ltd collects personal information. It applies to information we collect about:
Visitors to Our Websites
When someone visits www.csmlogistics.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
We use a third party provider, “Mailchimp” to deliver our periodic e-newsletters. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. These can vary from time to time and so in order to obtain up-to-date information on each e-newsletter, please contact us at DataController@moholdings.com
People who contact us via social media
We use the supplier standard interfaces to manage our social media interactions.
If you send us a private or direct message via social media the message will be stored by us, using these standard applications, which may change from time to time. We will not be shared with any other organisations.
People who call us
When you call us, we record the data, time and inbound telephone number; sometimes, we also record the content of the conversation in a media file called a “WAV” file. This file is kept secure and we have policies and procedures that allow some of our senior management and IT team to review the recordings. The review of recordings can be made to support training purposes for staff members, or it can be to review complaints made for service failures.
People who email us
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
When emailing us; you should consider that we may retain that email and content, including file attachments, in perpetuity or for as long as we deem necessary to conduct lawful business relations with you.
People who make a complaint to us
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, and these are periodically reviewed by senior management team members, so that we can look to continuously improve upon our services.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
Our primary service is the delivery of parcels from business to business and business to consumers.
As consumers of our system of delivery, you may or may not have a direct relationship with us, and instead, your details may have been sent to us from a supplier that you have engaged in, where that supplier has need to deliver goods to you via our delivery network. Where this is the case, you should continue to expect that we will keep and secure details regarding your personal information in no less a condition than that of your supplier.
As business clients of our system of delivery; you should also expect that we will keep, process and secure your personal and commercial information, using appropriate technical means. This will include the periodic review of the delivery addresses that you have supplied to us, to enforce continued accuracy and accountability; periodic privacy notices with regards to the suppliers that we use to provide for delivery service (“our suppliers”), updates to security protocols, web browsers that can be supported, and all practical and generally accepted good business and housekeeping processes.
Our website and services are managed and hosted by Graphite Inc Ltd; Graphite Inc Ltd are a group company associated with MO Holdings through common share holdings.
Our IT Manager (internal) is assisted by a third party supplier called “TekNet Solutions Ltd”; we operate a standard arm’s length commercial contract with them for IT support and procurement services.
Our delivery network consists of UPS, DHL, DPD, DPD Local, FedEx, TNT, Parcelink, Pallet-Track and others, where we will need to share delivery details with (which may also include contact details such as name, address, phone number); this is to ensure that you can receive your delivery from us at a time convenient to you and that we can verify it’s delivery for you.
Our principle place of operations is the UK and EEA although we also ship to destinations throughout the world. All of our data storage and data management takes place within the UK or EEA community, but in circumstances where parcel delivery is required to take place outside of the EEA, it is likely that we will have to share necessary contact details with the end delivery company, in order to ensure successful receipt of your parcel. Only the minimum amount of data is ever shared with our supply chain in order to ensure the successful use of our service.
Please note that on some rare occasions, your contact delivery information may be passed through a chain of suppliers, before your parcel is successfully delivered to you. Our data controller and data processing agreements ensure that shared rights and responsibilities to keeping your data secured, lawfully and responsibly processed are enforced throughout the entire supply chain.
Job applicants, current and former employees
CSM Logistics Ltd is a member of a group of companies called MO Holdings Ltd. This group is made up of a number of holding companies that may be directly or indirectly linked to one another, through formal share ownership, joint ventures, common directorships or other lawful means. MO Holdings and the group companies maintain accurate records of persons with controlling interests with UK Companies House.
MO Holdings is the data controller for the information you provide during the recruitment, HR & Payroll process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at DataController@MOHoldings.com
What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
If you use our online application system, this will be collected by a data processor on our behalf. We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information; as will our IT team and Web Hosting team (Graphite Inc Ltd).
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.
We might ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. This information is held by the MO Holdings Ltd.
If you are unsuccessful following assessment for the position you have applied for, we will remove your details from our system. If you should like to reapply for any positions in the future, you will be asked to reapply and resubmit your details.
If we make a conditional offer of employment we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies.
You will be asked to complete a criminal records declaration to declare any unspent convictions.
We may provide your email address to the Government Recruitment Service who will contact you to complete an application for a Basic Criminal Record check via the Disclosure and Barring Service, or Access NI, which will verify your declaration of unspent convictions.
We will contact your referees, using the details you provide in your application, directly to obtain references
We will also ask you to complete a questionnaire about your health. This is to establish your fitness to work. This is done through a data processor.
If we make a final offer, we will also ask you for the following:
Bank details – to process salary payments
Emergency contact details – so we know who to contact in case you have an emergency at work
Membership of a Pension scheme.
Post start date
Some roles require a higher level of security clearance – this will be clear on the advert. If this is the case, then you will be asked to submit additional information to us.
Our Code of Conduct requires all staff to declare if they have any potential conflicts of interest, or if they are active within a political party. If you complete a declaration, the information will be held on your personnel file.
Use of data processors
Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Under the EU-GDPR 2018 and Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
Complaints or queries
CSM Logistics Ltd tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of CSM Logistics Ltd collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If you want to make a complaint about the way we have processed your personal information, you can contact us at DataController@MOHoldings.com; should you feel your complaint is not being handled to your satisfaction, we also operate an independent team of personnel at DataProtectionOfficer@MOHoldings.com and also; we fully respect your rights to contact our Supervisory Authority (www.ico.org.uk).
Access to personal information
CSM Logistics Ltd tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998 and GDPR legislation. If we do hold information about you we will:
- Give you a description of it;
- Tell you why we are holding it;
- Tell you who it could be disclosed to; and
- Let you have a copy of the information in an intelligible form.
To make a request to us, for any personal information we may hold you need to put the request in writing addressing it to our Data Controller, using the email previously given or by writing to the address provided below.
Disclosure of personal information
In many circumstances we will not disclose personal data without consent. However when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies.
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 8th May 2018.
How to contact us
Data Controllers Office
25D Copperfield St