Privacy Notice

The Hawkins Group is formed of Hawkins & Associates Limited, Hawkins & Associates (Trustees) Limited, Hawkins (International) Limited, Hawkins Forensics Limited, Hawkins and Associates (Singapore) PTE Limited and Hawkins and Associates (Hong Kong) Limited. This Privacy Notice explains how we collect data from you and how the data is used.

Data Protection Officer - Contact Details

Lisa Knappett
Data Protection Officer
120 Cambridge Science Park
Milton Road
Cambridge
CB4 0FZ

Email: [email protected]

What information do we collect about you?

  • Marketing data including visitors to our website
  • Operational data (assignments we are appointed on by our clients)
  • Human Resources data
  • Shareholder data
  • Supply chain partner data

 

What categories of Personal Data do we hold about you?

The following is a list of the types of personal information held by the Hawkins Group, we will not hold all types of information on each individual.

Clients (Marketing and Operational)

  • Name
  • Job Title
  • Address
  • Email address
  • Telephone number
  • CCTV footage if visiting one of the Hawkins Group premises
  • Analytical marketing data from visits to our website, interaction with emails and call to action

Client customers (Insured), Insured’s employees, other claim related third parties, members of the public (Operational)

  • Name
  • Address
  • Email address
  • Telephone number
  • Gender
  • Marital status
  • Date of birth
  • Insurance policy number
  • Claim reference number, policy coverage, details of the claim and possible cause of loss 
  • Medical records such as health history, personal habits (such as smoking or alcohol consumption) and any information voluntarily provided to us
  • Criminal record data
  • Photographs and video images
  • Relationship to Insured
  • CCTV footage (at Hawkins premises or received during an investigation)
  • Digital recordings (taken by our employees, via conference call or on site

Human Resources

  • Name
  • Address
  • Email address
  • Telephone number
  • Date of birth
  • Gender
  • Emergency contact details
  • Financial, payroll and tax information
  • Employment contract records
  • Absence records
  • Health records
  • Performance records
  • Recruitment records
  • Training records, compliance with policy and risk monitoring
  • Termination of employment records
  • Due diligence records (including criminal records check)
  • CCTV footage and access control system data at the Hawkins Group premise
  • Microsoft Analytics

Shareholders

  • Name
  • Address
  • Email address
  • Telephone number
  • Shareholding records
  • Bank account details

Supply Chain Partners

  • Name
  • Address
  • Email address
  • Telephone number
  • Qualifications of employees

Visitors to our Website and Cookies

  • Analytical marketing data from visits to our website
  • Interaction with emails
  • Call to action

Hawkins has separate Notices which set out similar information in relation to the cookies that we use on our websites, which can be found here:

 

How do we collect data about you?

Clients (Marketing and Operational)

  • Directly from you when you register for marketing purposes
  • Submission of Contact Us Form, E-Newsletter and/or Training Forms on Hawkins' websites
  • Entry into a competition
  • Registration for a webinar
  • Directly from you when you place an assignment with us
  • Directly from you when you engage with our website and email communications

Insured, Insured’s employees, other claim related third parties, Members of the public (Operational)

  • Supplied to us by our client
  • Supplied to us by another third party related to the assignment we are appointed on
  • Directly from you
  • Digital recordings (telephone, conference call or dictation machine)
  • Social media platforms
  • Digital devices such as:
    • Mobile telephones, tablets, kindles, laptops/desktop computers
    • CCTV, Sat Nav, Wi-Fi routers, USB storage, games consoles, smart watches, social media, GPS devices, smart appliances, motor vehicles, drones.

Where the personal data is provided by our client this will typically be subject to the terms and conditions of your insurance policy, failure to allow us to process the data may lead to you being in breach of the terms and conditions of your insurance policy.

Human Resources

  • Directly from you
  • Supplied to us by a recruitment agency
  • Agencies carrying out due diligence
  • Previous employer for reference purposes
  • Medical practitioner
  • Social media platforms
  • Digital recordings (Teams) for training purposes
  • Microsoft Analytics

Shareholders

  • Directly from you
  • By a privileged relation

 

What is our lawful basis for collecting information about you?

For personal data to be processed lawfully in most countries, they must be processed on the basis of one of the lawful grounds stipulated by the applicable law. When sensitive Personal Data is being processed additional conditions must be met.

Depending on your relationship with us, the legal basis for us processing your Personal Data is one of the following:

  • Processing is necessary for the legitimate interest of the Hawkins Group to carry out its activities
  • Processing is necessary for the performance of a contract (insurance or employment, for example)
  • Processing is necessary for compliance with a legal obligation
  • Processing is necessary for an insurance purpose
  • Processing is necessary for the purpose of legal proceedings
  • Processing is necessary for compliance with employment law
  • Preventing or detecting an unlawful act

 

What is our purpose for processing the information and how will we use that information?

Clients (Marketing and Operational)

Data held for marketing purposes is used to make contact with those who may be interested in our services and if you have previously appointed us, to make you aware of other services that we provide. We may analyse your interaction with our website and email communications to provide better marketing and focused communications.

If we hold your data for marketing purposes you have the right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Hawkins Group. If you no longer wish to be contacted for marketing purposes please email [email protected].

Client data held for operational purposes is used as part of an assignment we are appointed on.

Client customers (Insured), Insured’s employees, other claim related third parties, Members of the public (Operational)

Operational data is held to analyse as part of an assignment we are appointed on by a client.

Human Resources

Data held by our Human Resources team is used to:

  • Facilitate our recruitment process
  • Manage the day to day operations of our business
  • Check you have the legal right to work for us
  • Monitor diversity and equal opportunities
  • Provide you with access to business services for your role
  • Process your salary, pension and other employment related benefits
  • Process the administration of statutory and contractual leave entitlement
  • Assess performance, training and development needs
  • Comply with our legal obligations which includes ensuring the health, safety and wellbeing of our employees
  • Assessing compliance with corporate policies and procedures
  • Ensure the security of our premises, IT systems and employees

Microsoft analytical data is processed solely for employee personal use to help with productivity, prioritise wellbeing with actionable recommendations such as reserving time for focused work. Analytics data will not be used by Hawkins for any other purpose. As a Viva Insights user, you can opt in and opt out at any time.

Shareholders

Shareholder data is held to manage individual shareholdings.

CCTV Footage 

CCTV data held by Hawkins’ Group premises is held for security purposes only.

CCTV data may be held to analyse as part of an assignment we are appointed on by a client.

Automated Decision Making or Profiling

The Hawkins Group does not use any form of automated decision making or profiling for any purposes.

Marketing

If we hold your data for marketing purposes you have the right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Hawkins Group. If you no longer wish to be contacted for marketing purposes please email [email protected].

 

Who might we share your Personal Data with?

Personal Data may be shared with the clients and suppliers of The Hawkins Group and other assignment related third parties.

Personal Data held by the Group may be transferred to:

  • Other members of the Hawkins Group
  • Clients
  • Other assignment related third parties
  • Third party service providers to provide and support our Information Technology and Business Support services
  • Auditors and professional advisors
  • Training Providers
  • Employee benefits providers
  • Law enforcement or other government and regulatory agencies

 

International Data Transfers

Due to the global nature of our business, we may transfer personal data to third parties that have a different data protection regime than found in the country in which you are based. For example, we may transfer personal data internationally to our Group companies, service providers, business partners, government and public authorities in order to perform the services.

We rely on legally provided mechanisms to lawfully transfer personal data across borders. In most cases we will use the EU approved Standard Contractual Clauses. These Clauses ensure that any third parties have the appropriate safeguards and/or contractual obligations in place to ensure the safety and confidentiality of Personal Data.

If Standard Contractual Clauses are not applicable then Hawkins will ensure that additional safeguards are in place or an exemption applies.

 

How do we ensure security of Personal Data?

The Hawkins Group has auditable policies and processes in place meaning that personal data is processed in a manner that ensures security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. This means that we have appropriate security in place to prevent the personal data we hold being accidentally or deliberately compromised.

Hawkins is Cyber Essentials Plus Certified. Cyber Essentials is an effective, government-backed scheme aimed at helping to protect our organisation against a whole range of the most common cyber attacks. This is important as vulnerability to these types of attacks can mark us out as target for more in-depth unwanted attention from cyber criminals and others.

 

What are my Rights?

Access to your information and correction

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of the personal information that we hold about you please either email us at [email protected] or write to us at:

Data Protection Officer
120 Cambridge Science Park
Milton Road
Cambridge
CB4 0FZ

We want to ensure that your information is accurate and up to date, you may ask us to make corrections to your data.

Right to erasure

In certain circumstances you have the right to request us to erase your personal data. If you would like some or all of your personal data erased from our system please either email us at [email protected] or write to us at:

Data Protection Officer
120 Cambridge Science Park
Milton Road
Cambridge
CB4 0FZ

Right to restrict processing

In certain circumstances you may request the restriction of your personal data. If you would like to make such a request, please either email us at [email protected] or write to us at: 

Data Protection Officer
120 Cambridge Science Park
Milton Road
Cambridge
CB4 0FZ

Right to object

In certain circumstances you may request that we stop processing your personal data (for marketing purposes, for example, as detailed above). The right is not absolute and will be considered on a case-by-case basis. If you would like to make such a request, please either email us at [email protected] or write to us at: 

Data Protection Officer
120 Cambridge Science Park
Milton Road
Cambridge
CB4 0FZ

 

How long will you retain my Personal Data?

The retention period for personal data will be assessed depending on the nature of the information held. The retention policy will vary depending on whether data has been collected for Marketing, Human Resources, Operational, Shareholding or Security purposes. The retention policies are regularly reviewed and personal data is not held for longer than is necessary for the purpose it was collected.

 

How do I lodge a complaint with the supervisory authority?

You have the right to lodge a complaint with the supervisory authority if you are not satisfied by the way in which we store and process your personal information.

Details of the supervisory authorities relevant to the jurisdictions in which the Hawkins Group operate are detailed below.

In the UK the supervisory authority is the Information Commissioner’s Office (ICO). The contact details for the ICO are:

Website:          www.ico.org.uk
Telephone:      0303 123 1113
Address:          Information Commissioners Office
                        Wycliffe House
                        Water Lane
                        Wilmslow
                        SK9 5AF

In Hong Kong the supervisory authority is The Office of the Privacy Commissioner for Personal Data.  The contact details are:

Website:          www.pcpd.org.hk
Telephone:      2827 2827
Address:          Room 1303, 13/F
                        Sunlight Tower
                        248 Queen’s Road East
                        Wanchai
                        Hong Kong

In Singapore the supervisory authority is the Personal Data Protection Commission.  The contact details are:

Website:          www.pdpc.gov.sg
Telephone:      6377 3131
Address:          10 Pasir Panjang Road
                        #03-01 Mapletree Business City
                        Singapore
                        117438

There is no national authority in the UAE. A single national data privacy regulator will be established and known as the UAE Data Office. Further information will be available in due course.

 

Changes to this Privacy Notice

This Privacy Notice is regularly reviewed and may change from time to time. This Privacy Notice was last updated on 5 August 2022.

Contact Us

If you are seeking a career in forensic consultancy, email us at [email protected] and attach your CV together with a summary of your area of experise, experience, and what you can bring to the team.

Submitting this contact form will enter your details into our contacts database and we will reply to your request as soon as possible. We will also retain your details so we may contact you from time to time. You can ask us to remove your details at any time. For details, see our Privacy Notice.