We collect and process personal information about our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) to manage our relationships with our suppliers, receive services from our suppliers, and, where relevant, provide professional services to our clients. The personal information we process about our supplier contacts is generally business card information and includes name, employer, phone number, email and other business contact details, and communications with us.
Concerning individuals subcontracted to work for or with Deslyon, please refer to the relevant privacy statement available on Deslyon’s intranet for information on the collection and processing of your personal information about your role with Deslyon.
We use such personal information for the following business purposes:
• Receiving services. We process personal information about our suppliers and their staff as necessary to receive the relevant services. For example, when a supplier provides us with facilities management or other outsourced services, we will process personal information about those providing services.
• Providing professional services to clients. Where a supplier is helping us to deliver professional services to our clients, we process personal information about the individuals involved in providing the services to administer and manage our relationship with the supplier and the relevant individuals and to provide such services to our clients (for example, where our supplier is providing people to work with us as part of a Deslyon team providing professional services to our clients).
• Administering, managing and developing our businesses and services. We may process personal information to run our business, including:
– managing our relationships with suppliers;
– developing our businesses and services (such as identifying client needs and improvements in service delivery);
– maintaining and using IT systems;
– conducting surveys;
– hosting or facilitating the hosting of events; and
– administering and managing our website and systems, and applications.
• Security, quality and risk management activities. We have security measures to protect our and our client’s information (including personal information), which involves detecting, investigating and resolving security threats.
Personal information may be processed as part of our security monitoring; for example, automated scans to identify harmful emails. We have policies and procedures to monitor the quality of our services and manage risks concerning our suppliers. We collect and hold personal information as part of our supplier contracting procedures. We monitor the services provided for quality purposes, which may involve processing personal information.
• Providing information about us and our range of services. Unless we are asked not to, we use business contact details to provide information that we think will be of interest about us and our services -- for example, industry updates and insights, other services that may be relevant and invite to events.
• Complying with any requirement of law, regulation or a professional body we are a member of. As with any professional services provider, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations, and those records may contain personal information.
Personal information will be retained about our contacts at our suppliers for as long as it is necessary for the purposes set out above (e.g., for as long as we have, or need to keep a record of, a relationship with a contact which is for the duration of our relationship with a contact or their organisation). Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and to establish, exercise or defend our legal rights.
We may disclose personal information as described in the Information Disclosure section below.