Contact & mobilisation forms
Names, work email addresses, phone numbers, trade information, and attachments you upload. Data is retained for up to 18 months so we can action repeat scopes faster.
What this covers
Web forms, onboarding packs, and supplier records
This notice applies to enquiries submitted via our website forms, direct emails to the mobilisation desk, candidate onboarding, and supplier onboarding. It does not cover third-party job boards—we link to their respective notices when used.
Candidate onboarding
Right-to-work evidence, trade cards, medical confirmations, and shift history provided by you. Stored in our encrypted applicant tracking system with access limited to compliance leads.
Client & supplier records
Purchase orders, contract signatories, and billing details required to deliver frameworks. Retained for seven years to meet HMRC and insurance obligations.
How we process data
Straightforward purposes and tight retention
- Responding to requests: We log enquiries in our secure CRM so coordinators can provide availability charts, compliance packs, or supplier paperwork.
- Fulfilling contracts: Candidate and supplier records feed mobilisation schedules, payroll exports, and NEC4 change control logs.
- Legal obligations: Certain records (e.g., right-to-work, invoicing) must remain on file to meet UK employment and tax regulations.
- No cookies or analytics: We do not run tracking pixels, remarketing tags, or analytics suites on this site.
- No automated decision making: Availability decisions are reviewed by our mobilisation desk, not algorithms.
When data leaves DPL
Limited sharing with delivery partners
We only pass data to organisations directly involved in fulfilling your project or employment agreement.
Client project teams
Candidate profiles and compliance proof shared with the hiring client or principal contractor that requested the mobilisation.
Payroll & vetting providers
HMRC-compliant payroll partners and occupational health providers receive the minimum data required to run pay or renew certifications.
Cloud infrastructure
We use Microsoft 365 and encrypted UK/EU data centres for email, document storage, and backups. Access is logged and limited by role.
Your rights
Access, corrections, objections, and deletion
Under UK GDPR you can request a copy of your data, ask us to update inaccuracies, object to processing, or request deletion when we no longer need the records.
Make a request
Email privacy@danpol.co.uk with enough detail for us to locate your records. We respond within one working week and complete requests within 30 days.
Escalations
If you are unhappy with our response you can contact the Information Commissioner's Office (ICO) in the UK. We will always attempt to resolve issues directly first.
Need something removed or updated?
Contact our mobilisation desk or data team any time. We would rather adjust a record quickly than leave you wondering.