Privacy Notice

Houlder views the protection, confidentiality and integrity of personal data as a critical responsibility that we take seriously at all times.


This Notice sets out Houlder’s policy on the protection of information relating to staff members; workers; contractors; volunteers; interns (referred to as staff members); business customers; suppliers; partners, stakeholders and/or investors.  Houlder will ensure that data is always processed in accordance with the provisions of relevant data protection legislation including the General Data Protection Regulation (GDPR).

Any person who considers that the policy has not been followed in respect of personal data about themselves, should raise the matter with Houlder’s Data Protection Officer (DPO) initially.  If the matter is not resolved satisfactorily it could be raised as a formal grievance or complaint.

Data Processing

Data processing is any activity that involves the use of personal data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it.  Processing also includes transmitting or transferring personal data to third parties.

Personal Data

Personal data is any information identifying a data subject (a living person to whom the data relates).  It includes information relating to a data subject that can be identified (directly or indirectly) from that data alone or in combination with other identifiers Houlder possesses or can reasonably access.  Personal data can be factual (for example, a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.

Fair Processing Principles

In processing an individual’s data, the following principles will be adhered to.  Personal data will be:

Lawful Processing of Personal Data

Personal information will only be processed when there is a lawful basis for doing so.  Most commonly, Houlder will use personal information in the following circumstances:

Houlder may also use personal information in the following situations, which are likely to be rare:

In all cases, we will:

Data Security

Houlder has put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Details of these measures are available upon request.  Access to personal information is limited to those staff members and other third parties who have a business need to know.

They will only process personal information on Houlder’s instructions and are subject to a duty of confidentiality.  Houlder expects staff members handling personal data to take steps to safeguard personal data in line with this policy.

Data Sharing

Houlder requires third parties to respect the security of data and to treat it in accordance with the law.  Houlder may share personal information with third parties in strictly limited circumstances, including regulators, to otherwise comply with the law.

Houlder may also share employee and subcontractor data with third-party service providers where it is necessary to administer the working relationship with staff members or where Houlder has a legitimate interest in doing so. 

Individual Rights

Under certain circumstances, individuals have the right to:

If a Houlder staff member wishes to make a request on any of the above grounds, they should contact the Human Resources Manager in writing.  Other individuals should contact the Marketing Manager in writing.


Houlder has appointed a Data Protection Officer (DPO) who is tasked with overseeing compliance with Houlder’s Data Protection Policy, while responsibility lies with the Board of Directors.  All staff members, particularly those tasked with regularly handling personal data of colleagues or third parties, have responsibility for ensuring that processing meets the standards set out in our policy.