Lench’s Trust is committed to protecting your privacy and complying with the Data Protection Act 2018

This policy set out the basis by which we collect, use and disclose the personal data of our Employees, as well as your rights in respect of such Personal Data.

We may update this Privacy Notice from time to time and will publish an up to date copy of the Privacy Notice on the company website. www.lenchs-trust.co.uk


Why a Privacy Notice

Under the EU General Data Protection Regulation (GDPR) a privacy notice must be supplied to the individual at the time they provide you with their personal data. The GDPR says that the information you provide to people about how you process their personal data must be:

  • concise, transparent, intelligible and easily accessible
  • written in clear and plain language
  • free of charge

The GDPR defines personal data as the following:

“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”

“Special categories” of personal data (sensitive personal data) relate to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.


Why we collect your Personal Data?

  • When you apply for a position with Lench’s Trust, either via are website, telephone, in person or email
  • When we receive your Personal Data from third parties, for example recruitment agencies or security screening e.g. The Data Barring Service
  • In the course of managing your employment with Lench’s Trust, for example Payroll or Pension information
  • When we collect data through the implementation of any HR Employee Relations Policies e.g. Disciplinary;
  • When you use any of our HR services


What type of Personal Data do we collect?

We may collect the following types of Personal Data:

  • Your name and address, email, telephone number and other contact information that allow us to meet our organisational and statutory obligations to you as your Employer
  • Records of performance reviews, grievances and disciplinary matters
  • Details of family members and next of kin
  • Bank Details
  • Rights to work to work documentation and other security screening documentation

Some of the information we collect about you may include Sensitive Personal Data as defined in the Data Protection Act 1998.  We will not utilize this data unless we have your consent.


Using the Information we keep about you

We may use your personal data in the following ways:

  • to ensure that the information we hold about you is kept up-to-date;
  • to deal with any Employee/employers related disputes that may arise;
  • for assessment and analysis purpose to help improve the operation of, and manage the performance of, our business;
  • to prevent, detect and prosecute fraud and other crime;
  • for any other purpose for which you give us your consent to use Personal Data;
  • to comply with legal obligations e.g. HMRC, pensions etc.

In order to manage the business we will use information which personally identifies you however we may also use consolidated information.


Storing your Personal Data

Lench’s Trust use vigorous, robust systems to secure the data we hold. 

Your records will be retained for six years after your employment has been terminated.

There are strict controls on who can see your information.  We will not share your data if you have advised us that you do not want it shared unless it is one of the points outlined under “why we may use your personal data”


We may share your personal data:

  • with other employees, agents and/or professional advisors;
  • with other third party contractors who provide services to us;
  • where we are under a legal obligation to do so, for example where we are required to share information under statute, to prevent fraud and other criminal offences or because of a Court Order for example HRMC, the police.


We have robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether we release data to third parties are subject to a strict approval process and based on a detailed assessment of:

  • who is requesting the data
  • the purpose for which it is required
  • the level and sensitivity of data requested
  • the arrangements in place to store and handle the data


European Economic Area

We will not share your information outside of the EEA for any reason

Your rights

Under data protection legislation you as “the employee” have the right to request access to the information that we hold about you at any time by contacting The Data Protection Officer – Mr Jean-Luc Priez, Head Office, William Lench Court,80 Ridgacre Road, Birmingham B32 2AQ, or by email to: [email protected] 

The provision of this information may be subject to the payment of a fee (currently £10).

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing damage or distress
  • in certain circumstances, have inaccurate personal date rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations.

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/

If you would like to discuss anything in this privacy notice, please contact the Chief Executive as detailed above.


The security of your Personal Data is very important to us.

We will ensure that we have in place appropriate technical and organizational measures to prevent unauthorized or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to personal Data.

How to make a complaint

If you are unhappy with the way in which your personal data has been processed you may in the first instance contract the Chief Executive using the contact details above.

If you remain dissatisfied then you have the right to apply directly to the Information Commissioner for a decision.  The Information Commissioner can be contact at:-

Information Commissioner’s Office

Wycliffe House

Water Lane