Effective: 2023 November 27 Privacy Hub
Westfield Specialty Management Services Ltd., its subsidiaries and affiliates ("Westfield Specialty Ltd" or "we”, "us" or "our") respect your privacy.
This Privacy Notice ("Privacy Notice") applies to Westfield Specialty and specifically to the personal data of employees, directors, officers, part-time workers and independent contractors (collectively, “employees”) of Westfield Specialty Ltd.
This Privacy Notice explains our practices regarding personal data, including the kinds of personal data we may collect and how we intend to use and share that personal data.
Westfield Specialty Ltd collects personal data from current and former employees and independent contractors ("Employee Personal Data”). The personal data we collect may include without limitation:
We may also collect special category personal data such as details of health and disability, including medical information, health insurance information, mental health, medical leave, maternity leave; information about national origin or immigration status; and optional demographic information (“Special Category Personal Data”).
Where Westfield Specialty Ltd carries out background checks and risk assessments on employees this may involve the processing of criminal record data and this will only be processed where such processing is specifically authorized or required by law (“Data Concerning Criminal Convictions and Offences” and collectively with Special Category Personal Data “Sensitive Personal Data”).
We process Employee Personal Data of employees, directors, officers, part-time workers and independent contractors for the purposes set out below. The exact purposes depend on the nature of the data and our relationship with you.
Purpose: Maintaining records regarding you and your role at Westfield Specialty Ltd.
Legal Basis:
Purpose: Making decisions regarding your continued appointment, including verifying your right to work.
Legal Basis:
Purpose: Entering into or performing your employment contract.
Legal Basis:
Purpose: Administering human resource functions including performance reviews and payroll, benefits, insurance, succession and compensation planning, and business travel or relocation.
Legal Basis:
Purpose: Administering HR functions including performance reviews, training, internal directories, internal communications, system access, disciplinary action, termination and retirement.
Legal Basis:
Purpose: Maintaining health and safety in the workplace, including managing leaves of absence (e.g., medical or maternity).
Legal Basis:
Purpose: Communicating with you, vendors and business associates, authorising access to systems, facilities, devices and records, and contacting your emergency contacts.
Legal Basis:
Purpose: Conducting audits, investigating and resolving complaints, grievances or misconduct, and monitoring network and system security (including internet and email monitoring).
Legal Basis:
Purpose: Preparing for or responding to inquiries, investigations or proceedings by governmental, administrative, judicial or regulatory authorities, including civil litigation.
Legal Basis:
Purpose: Managing corporate transactions such as mergers, acquisitions, financing due diligence, reorganisations, bankruptcy, receivership, sale of company assets, or transition of service to another entity. Employee Personal Data may be transferred during such a transaction.
Legal Basis:
Purpose: May process employee personal data relating to criminal convictions and offences to determine whether employees should continue in their role with the organisation.
Legal Basis:
Purpose: Ensuring workplace health and safety, providing reasonable adjustments, monitoring demographics for diversity goals and administering related benefits (e.g., maternity, sick pay).
Legal Basis:
You have the right to object to the processing of your Employee Personal Data where such processing is based on our legitimate interests. However, please note that Westfield Specialty Ltd may not be able to fulfil this request in all cases.
We may share Employee Personal Data to the extent necessary for the above purposes with the following recipients:
We may engage third parties to perform certain functions on our behalf. To do so, we may disclose Employee Personal Data to our third-party vendors and service providers such as, benefit administration, compensation management, payroll management, onboarding & new hire management, background checks, talent acquisition & staffing and information technology systems providers.
Westfield Specialty Ltd may share Employee Personal Data with our affiliates, including those in the U.S., and subsidiaries for our and our affiliates’ and subsidiaries’ internal business purposes.
We may disclose your Employee Personal Data to local tax authorities and any governmental or administrative body where we determine that it is necessary or desirable in order to comply with applicable laws, court orders, or government regulations or to protect the rights or property of Westfield Specialty Ltd or any of its employees.
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another entity, then your Employee Personal Data may be transferred as part of such a transaction as permitted by law and/or contract.
Independent public accountants and auditors, authorized representatives of internal control functions such as, audit, legal and/or corporate security and Lloyds of London.
When you post content to the Intra-Westfield site(s), other internal individuals may be able to see certain Employee Personal Data about you, such as your name and/or picture in addition to the content you post.
In accordance with applicable law, you may have the right to:
We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than one month after receipt of your request – unless we are entitled to extend this period in which case we will inform you of this extension. To protect your privacy, Westfield Specialty Ltd may take steps to verify your identity before fulfilling your request.
You also have the right to lodge a complaint with the applicable supervisory authority if you believe our processing of your Employee Personal Data violates applicable law.
It is important that the Employee Personal Data we hold about you is accurate and current. Please keep us informed if your Employee Personal Data changes during the course of our relationship.
Click Data Subject Rights Request, or contact a member of the Privacy Office by email or post, per the addresses below, to submit a request relevant to your rights.
Westfield Specialty Ltd retains the Employee Personal Data we receive as described in this Privacy Notice for as long as necessary to fulfil the purpose(s) for which it was collected in accordance with our record retention policies, and as follows:
We implement reasonable technical and organizational security measures designed to secure and protect Employee Personal Data. Please note, however, we cannot fully eliminate security risks associated with the storage and transmission of Employee Personal Data.
We may disclose Employee Personal Data for the above listed purposes to recipients located in countries outside of the UK, including the U.S., some of which may not have data protection laws equivalent to those in the UK.
For intra-group transfers of Employee Personal Data, Westfield Specialty Ltd has entered into an intra-group data transfer agreement from Westfield Specialty Ltd to Ohio Farmers Insurance Company (“OFIC”) entities outside the UK/EEA/Switzerland or otherwise when we rely on a derogation for the international transfer of Employee Personal Data (e.g., where the transfer is necessary for the defence of legal claims).
The identity and contact details of OFIC are set out in this section and below. The categories of Employee Personal Data processed by OFIC are set out above. OFIC may also transfer Employee Personal Data to the third party recipients who may be located outside the UK/EEA/Switzerland for the purposes set out herein. OFIC will only make such onward transfers to recipients ensuring appropriate safeguards in compliance with applicable law, or where otherwise permitted by the SCCs and which may include entry into SCCs.
For cross-border transfers of Employee Personal Data to other recipients, including our service providers, Westfield Specialty Ltd will put in place appropriate safeguards so that Employee Personal Data is and remains protected. These may include implementing the Standard Contractual Clauses with the UK International Data Transfer Addendum or Binding Corporate Rules or otherwise when we rely on a derogation for the international transfer of Employee Personal Data (e.g., where the transfer is necessary for the defence of legal claims).
You may obtain further information and a copy of the relevant data transfer mechanisms that we have in place via contacting privacy@westfieldgrp.com.
This Privacy Notice is reviewed and updated periodically. The most recent version of the Privacy Notice is reflected by the version date located at the top of this page. We encourage you to review this Privacy Notice often to stay informed of how we may process your information. If there are any material changes to this Privacy Notice, we will notify you as required by applicable law.
For the purposes of UK data protection law, the entity which manages the hiring process where you are an applicant (Westfield Specialty Management Services, Ltd.) is the controller of personal data.
If you have any question about this Privacy Notice or the practices described in it, or would like to contact us about any rights you may have with regard to your personal data, you can contact us via the Data Subject Rights Request above, email, or postal mail as follows:
Email: privacy@westfieldgrp.com.
Post:
Floor 36
22 Bishopsgate
London
EC2N 4BQ
United Kingdom