POLICY STATEMENT
The Lucketts Group* (the Group", we, us, and our) is committed to:
Fully complying with all the requirements of the General Data Protection Regulation (GDPR).
The efficient management of its records for the effective delivery of our services.
The Lucketts Group* comprises:
H Luckett & Co Limited
Lucketts Holdings Limited
Lucketts Travel
Worthing Coaches
Mortons Travel
Coliseum Coaches
Solent Coaches
SCOPE
This policy explains how we will comply with its responsibilities and obligations under the GDPR and its principles relating to the storage and destruction of personal data.
This policy gives guidance about disposing, deleting and retaining the personal data for which we have a responsibility and/or obligation under the GDPR.
This policy applies to:
All personal data that is stored by us whether kept on paper, electronically and/or digitally.
All staff of the Group
This policy should be read and used in conjunction with our other following policies:
Data protection
Privacy
OBJECTIVE
The objectives of this policy are to:
Ensure we follow the GDPR and its principles relating to the storage, disposal and destruction of personal data
Ensure we comply with all applicable legal and regulatory requirements
Ensue personal data is stored securely
Ensure that personal data is not out of date
Keep personal data accurate
Assist with responding to subject access requests
Ensure personal data that has been placed in storage can be found and retrieved quickly and efficiently
Ensure the storage, disposal and destruction of personal data is carried out in a consistent and controlled manner.
Assist with audits
Minimise storage requirements and costs
Assist in the identification of the location of personal data
Clarify responsibilities for implementing, complying and monitoring this policy
DEFINITIONS
Personal data means any information relating to an identified or identifiable person ('data subject') such as a name, postal/email address, telephone number or identification number.
Special categories of personal data mean personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation and data concerning criminal convictions or offences
Data subject means any individual whose personal data is processed by the Group
Processing means any use of personal data such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, erasure and destruction. (This means that virtually anything the Group does with personal data will be processing).
Data controller means the organisation which decides the purposes and means of the processing of personal data
NB: The data controller for the purposes of this policy is the Lucketts Group
Data processor means an individual or organisation that processes personal data on behalf of a data controller
Personal data breach means a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Consent means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data.
Staff means anyone working at or for us on a permanent or temporary basis, including, Directors and permanent, interim and temporary employees.
PRINCIPLES
The relevant data protection principles for the purposes of this policy are that personal data must be:
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy)
for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to implementation of the appropriate technical and organisational measures in order to safeguard the rights and freedoms of the data subject (storage limitation)
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (integrity and confidentiality).
NB: Keeping personal data unnecessarily may use up valuable storage space, incur unnecessary costs and impose on us a significant liability risk.
ROLES AND RESPONSIBILITIES
The Lucketts Directors Group have ultimate responsibility for ensuring compliance with the GDPR, the data protection principles and this policy;
The Managing Director has overall responsibility for ensuring the Groups compliance with the GDPR, the data protection principles.
The HR Director has responsibility for the HR Department ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of staff held by the HR Department. The HR Director contact details on located on the company communications list.
The Operations Director has responsibility for Operations ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and operations staff held by the Operations Department. The Operations Director contact details on located on the company communications list.
The Sales and Marketing Director has operational responsibility for Sales and Marketing ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and sales & marketing staff held by the Sales and Marketing department. The Operations Director contact details on located on the company communications list.
The Engineering Director has operational responsibility for Engineering ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and engineering staff held by the Engineering Department. The Engineering Director contact details on located on the company communication list
The Finance Controller has operational responsibility for Finance ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and staff held by the Finance department. The Finance Controller contact details on located on the company communications list
Data Protection Officer (DPO)
The Data Protection Officer (DPO) has responsibility to remind the Directors Group of their responsibility for ensuring compliance with the GDPR, the principles of data protection and this policy. The DPO can be contacted via the Human Resources department
Management and Staff
Line managers are responsible for operational day to day adhering to the GDPR requirements and the Groups requirements, and ensuring staffs adherence with this policy.
All staff have a responsibility to comply with the GDPR, the data protection principles, the requirements of the Lucketts Group and this policy when carrying out their duties.
Important - Failure to comply with this policy may result in legal and/or disciplinary action.
Staff Training
All staff are required to attend/undertake training and failure to do so could result in disciplinary action
Appendix A sets out the periods of how long personal data will be kept.
DISPOSAL AND DESTRUCTION
When the retention periods expire we must dispose of and destroy all personal data unless either the Managing Director, HR Director or the Operations Director authorises that such data should be retained.
Any decision to retain personal data passed the expiry date must be logged and recorded on the Personal Data Retention Register held centrally.
IMPORTANT: Retaining or destroying personal data in breach of this policy may be considered serious gross misconduct and lead to dismissal.
Destruction and Deletion Process
Paper Records
Paper Records/personal data must be shredded, and the shredding placed in the confidential waste bags, immediately tied with secure tags, and taken to the secure storage with limited authorised access. A third party confidential waste provider is contracted by the Group to securely shred the confidential information on site, and then remove the shredded material for secure disposal.
Electronic Records
The Groups IT provider will delete all electronic records.
REVIEW OF POLICY AND PROCEDURE
The Lucketts Group policies and procedures aim to ensure that employees are aware of, and confident that, the employer is complying with current legislation and is protecting the interests of both the needs of the business and the employee. In this respect, it may be appropriate to modify existing policies and/or procedures from time to time to reflect changes as appropriate, and this policy will be reviewed as necessary by designated Group Directors, and/or by personnel as delegated by the Directors Group.
EQUALITY IMPACT ASSESSMENT
Equality Impact Assessment initial screening
Relevant Equality Area: | Does the Policy or its implementation? | Does the Company need to proceed to full EIA if in doubt then progress to full screening) | ||
Breach Equalities Legislation? | Affect different groups in different ways (both positive and negative) | Promote equality/good relations? | ||
Gender
| No | No | Yes | No |
Race | No
| No | Yes | No |
Disability | No
| No | Yes | No |
Sexual Orientation | No
| No | Yes | No |
Religion and Beliefs | No | No | Yes | No |
APPENDIX A
NB. Records are kept for at least 6 years in accordance with the UK Limitation Act 1980
Document | Retention Period |
Images including video, CCTV, photographs |
|
| CCTV will not be retained for longer than 30 days unless images are to be held for evidential purposes, and will then be kept in a secure place with limited access to authorised personnel only and kept for the period which is deemed necessary to achieve the evidential purposes.
Staff photographs are taken for identification purposes e.g. personnel record and organisation structure charts. The images will be kept only for the duration of their employment. Staff photographic images will be kept securely electronically on the HR personnel software for the individuals personnel record. Photographs may also be used for security passes and identification uses to deliver customer services and to meet MOD security requirements.
Marketing images will only be used with express written consent from the individual. Images will only be kept for the period of time necessary to achieve the purposes of use. |
Audio recording | Audio recording is not undertaken by the Lucketts Group.
Regarding voicemail messages left on employee company telephones and mobiles these will be deleted immediately once recording has been listened to. |
Governance |
|
Director information;
|
Permanent
6 years consideration must be given to the storing of sensitive data in line with GDPR requirements |
Registration and Statutory Returns |
|
Annual Returns to a regulator as applicable
Audited Company Returns and financial statements
Declarations of Interest
Registers of directors and secretaries
Register of Seals
Register of Shareholding Members as applicable
Register of share certificates
| 5 years
Permanently
6 years
Permanently
Permanently
Permanently
Permanently |
Strategic Management |
|
Business Strategy & Plans, and Support documentation e.g. organisation structures, aims, objectives | 5 years after plan completion |
Insurances |
|
Current and former policies
Annual Insurance Schedule
Claims and related correspondence
Indemnities and Guarantees
Group Health policies
Employers liability Insurance Certificate
| Permanently
6 years
3 years after settlement
6 years after expiry
12 years after cessation of benefit
40 years |
Finance Accounting, Tax Records, Bank Records |
|
Accounting Records; Balance sheets and supporting documents
Loan account control reports
Budgets and Financial reports
Tax Returns and records
VAT Records as applicable
Order and delivery notes
Copy invoices Credit and debit notes Cash records
Journal Transfer documents Creditors, debtors and cash income control documents.
VAT related correspondence as applicable
Cheques Paying in counterfoils Bank statements and reconciliations Instructions to bank
| 6 years
6 to 10 years
Permanently
10 years
10 years
10 years
6 years 6 years 6 years
6 years 6 years
6 years
6 years 6 years 6 years
|
Contracts and Agreements |
|
Planning consents and permissions
Property maintenance records
Professional opinions
Contracts under seal and/or executed as a Deed
Contracts for supply of goods/services including professional services
Documentation relating to one off purchases
Loan agreements
Licensing agreements
Rental and hire purchase agreements Indemnities and guarantees
Documents relating to successful tenders
Documents relating to unsuccessful tenders
Forms of tender as applicable
| 12 years after interest ceases
6 years
6 years
12 years after complication including any defects liability period 6 years after completion including any defects liability period
3 years
12 years after last payment
6 years after expiry
6 years after expiry 6 years after expiry
6 years after contract ends
2 years after notification
6 years |
Vehicles | Subject to the Transport Commission and vehicle safety requirements |
Mileage records Maintenance records including MOT tests Copy registrations | 2 years after disposal 2 years after disposal
2 years after disposal |
Capital Assets |
|
Fixed Asset Register
| Permanently |
Income Tax and Social Security |
|
Record of taxable payments Record of tax deducted or refunded Record of earnings on which NI contributions payable Record of employers and employees NI contributions NIC contracted out agreements Copies of notices to employees i.e. P45 and P60 Inland revenue notice of code changes Expenses claims Record of sickness payments Record of maternity payments Income TAX PAYE and NI Returns Redundancy payment details Inland Revenue Approvals Annual earnings summary
Employee Pension Schemes; Actuarial Valuation Reports Detailed return of pension fund contributions
Annual conciliation of fund contributions Money purchase details Qualifying service details
Investment policies
Pension records
Records relating to retirement benefits
| 6 years 6 years 6 years
6 years
6 years 6 years
6 years
12 years Permanently 12 years
Permanently Permanently Permanently
6 years after transfer or value taken
12 years from end of benefits payable under policy 6 years after year of retirement |
Employee Records |
|
Application Forms and Interview notes for unsuccessful candidates | At least 6 months and not more than 1 year consideration for the varying time limits of discrimination claims and time limits. |
Salary and Wages records including overtime, bonus, expenses
Income tax, and NI returns and correspondence with HMRC | 6 years
Not less than years after the end of the financial year to which they relate |
National Minimum Wage records | 3 years after the end of the pay reference period following the one that the records cover |
Personal records and training records including disciplinary and working time records | 6 years after employment ceases |
Statutory sick pay records, calculations, certificates self-certificates | 6 years after employment ceases consideration for sensitive date under the GDPR requirements |
Parental Leave | 5 years from birth/adoption of the child or 18 years if child receives a disability allowance |
Retirement Benefits | 6 years from the end of the scheme year in which event took place |
Redundancy details, calculations of payment, refunds, notification to the Secretary of State | 6 years from the date of redundancy |
Time sheets | 2 years after audit |
Trade Union Agreements | 10 years after ceasing to be effective. |
Staff Works Council Minutes | Permanently |
Health and Safety |
|
Medical Records relating to: * Control of asbestos Control of substances hazardous to health Under the Ionising Radiations Biological tests under the control of lead Accident books, Accident records and reporting including RIDDOR |
40 years from the last date of last entry
3 years from the date of the last entry (if accident involving a child then until that person reaches age 21) Subject to incidents involving hazardous substances. * |
POLICY STATEMENT
The Lucketts Group* (the Group", we, us, and our) is committed to:
Fully complying with all the requirements of the General Data Protection Regulation (GDPR).
The efficient management of its records for the effective delivery of our services.
The Lucketts Group* comprises:
H Luckett & Co Limited
Lucketts Holdings Limited
Lucketts Travel
Worthing Coaches
Mortons Travel
Coliseum Coaches
Solent Coaches
SCOPE
This policy explains how we will comply with its responsibilities and obligations under the GDPR and its principles relating to the storage and destruction of personal data.
This policy gives guidance about disposing, deleting and retaining the personal data for which we have a responsibility and/or obligation under the GDPR.
This policy applies to:
All personal data that is stored by us whether kept on paper, electronically and/or digitally.
All staff of the Group
This policy should be read and used in conjunction with our other following policies:
Data protection
Privacy
OBJECTIVE
The objectives of this policy are to:
Ensure we follow the GDPR and its principles relating to the storage, disposal and destruction of personal data
Ensure we comply with all applicable legal and regulatory requirements
Ensue personal data is stored securely
Ensure that personal data is not out of date
Keep personal data accurate
Assist with responding to subject access requests
Ensure personal data that has been placed in storage can be found and retrieved quickly and efficiently
Ensure the storage, disposal and destruction of personal data is carried out in a consistent and controlled manner.
Assist with audits
Minimise storage requirements and costs
Assist in the identification of the location of personal data
Clarify responsibilities for implementing, complying and monitoring this policy
DEFINITIONS
Personal data means any information relating to an identified or identifiable person ('data subject') such as a name, postal/email address, telephone number or identification number.
Special categories of personal data mean personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation and data concerning criminal convictions or offences
Data subject means any individual whose personal data is processed by the Group
Processing means any use of personal data such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, erasure and destruction. (This means that virtually anything the Group does with personal data will be processing).
Data controller means the organisation which decides the purposes and means of the processing of personal data
NB: The data controller for the purposes of this policy is the Lucketts Group
Data processor means an individual or organisation that processes personal data on behalf of a data controller
Personal data breach means a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Consent means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data.
Staff means anyone working at or for us on a permanent or temporary basis, including, Directors and permanent, interim and temporary employees.
PRINCIPLES
The relevant data protection principles for the purposes of this policy are that personal data must be:
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy)
for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to implementation of the appropriate technical and organisational measures in order to safeguard the rights and freedoms of the data subject (storage limitation)
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (integrity and confidentiality).
NB: Keeping personal data unnecessarily may use up valuable storage space, incur unnecessary costs and impose on us a significant liability risk.
ROLES AND RESPONSIBILITIES
The Lucketts Directors Group have ultimate responsibility for ensuring compliance with the GDPR, the data protection principles and this policy;
The Managing Director has overall responsibility for ensuring the Groups compliance with the GDPR, the data protection principles.
The HR Director has responsibility for the HR Department ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of staff held by the HR Department. The HR Director contact details on located on the company communications list.
The Operations Director has responsibility for Operations ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and operations staff held by the Operations Department. The Operations Director contact details on located on the company communications list.
The Sales and Marketing Director has operational responsibility for Sales and Marketing ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and sales & marketing staff held by the Sales and Marketing department. The Operations Director contact details on located on the company communications list.
The Engineering Director has operational responsibility for Engineering ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and engineering staff held by the Engineering Department. The Engineering Director contact details on located on the company communication list
The Finance Controller has operational responsibility for Finance ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and staff held by the Finance department. The Finance Controller contact details on located on the company communications list
Data Protection Officer (DPO)
The Data Protection Officer (DPO) has responsibility to remind the Directors Group of their responsibility for ensuring compliance with the GDPR, the principles of data protection and this policy. The DPO can be contacted via the Human Resources department
Management and Staff
Line managers are responsible for operational day to day adhering to the GDPR requirements and the Groups requirements, and ensuring staffs adherence with this policy.
All staff have a responsibility to comply with the GDPR, the data protection principles, the requirements of the Lucketts Group and this policy when carrying out their duties.
Important - Failure to comply with this policy may result in legal and/or disciplinary action.
Staff Training
All staff are required to attend/undertake training and failure to do so could result in disciplinary action
Appendix A sets out the periods of how long personal data will be kept.
DISPOSAL AND DESTRUCTION
When the retention periods expire we must dispose of and destroy all personal data unless either the Managing Director, HR Director or the Operations Director authorises that such data should be retained.
Any decision to retain personal data passed the expiry date must be logged and recorded on the Personal Data Retention Register held centrally.
IMPORTANT: Retaining or destroying personal data in breach of this policy may be considered serious gross misconduct and lead to dismissal.
Destruction and Deletion Process
Paper Records
Paper Records/personal data must be shredded, and the shredding placed in the confidential waste bags, immediately tied with secure tags, and taken to the secure storage with limited authorised access. A third party confidential waste provider is contracted by the Group to securely shred the confidential information on site, and then remove the shredded material for secure disposal.
Electronic Records
The Groups IT provider will delete all electronic records.
REVIEW OF POLICY AND PROCEDURE
The Lucketts Group policies and procedures aim to ensure that employees are aware of, and confident that, the employer is complying with current legislation and is protecting the interests of both the needs of the business and the employee. In this respect, it may be appropriate to modify existing policies and/or procedures from time to time to reflect changes as appropriate, and this policy will be reviewed as necessary by designated Group Directors, and/or by personnel as delegated by the Directors Group.
EQUALITY IMPACT ASSESSMENT
Equality Impact Assessment initial screening
Relevant Equality Area: | Does the Policy or its implementation? | Does the Company need to proceed to full EIA if in doubt then progress to full screening) | ||
Breach Equalities Legislation? | Affect different groups in different ways (both positive and negative) | Promote equality/good relations? | ||
Gender
| No | No | Yes | No |
Race | No
| No | Yes | No |
Disability | No
| No | Yes | No |
Sexual Orientation | No
| No | Yes | No |
Religion and Beliefs | No | No | Yes | No |
APPENDIX A
NB. Records are kept for at least 6 years in accordance with the UK Limitation Act 1980
Document | Retention Period |
Images including video, CCTV, photographs |
|
| CCTV will not be retained for longer than 30 days unless images are to be held for evidential purposes, and will then be kept in a secure place with limited access to authorised personnel only and kept for the period which is deemed necessary to achieve the evidential purposes.
Staff photographs are taken for identification purposes e.g. personnel record and organisation structure charts. The images will be kept only for the duration of their employment. Staff photographic images will be kept securely electronically on the HR personnel software for the individuals personnel record. Photographs may also be used for security passes and identification uses to deliver customer services and to meet MOD security requirements.
Marketing images will only be used with express written consent from the individual. Images will only be kept for the period of time necessary to achieve the purposes of use. |
Audio recording | Audio recording is not undertaken by the Lucketts Group.
Regarding voicemail messages left on employee company telephones and mobiles these will be deleted immediately once recording has been listened to. |
Governance |
|
Director information;
|
Permanent
6 years consideration must be given to the storing of sensitive data in line with GDPR requirements |
Registration and Statutory Returns |
|
Annual Returns to a regulator as applicable
Audited Company Returns and financial statements
Declarations of Interest
Registers of directors and secretaries
Register of Seals
Register of Shareholding Members as applicable
Register of share certificates
| 5 years
Permanently
6 years
Permanently
Permanently
Permanently
Permanently |
Strategic Management |
|
Business Strategy & Plans, and Support documentation e.g. organisation structures, aims, objectives | 5 years after plan completion |
Insurances |
|
Current and former policies
Annual Insurance Schedule
Claims and related correspondence
Indemnities and Guarantees
Group Health policies
Employers liability Insurance Certificate
| Permanently
6 years
3 years after settlement
6 years after expiry
12 years after cessation of benefit
40 years |
Finance Accounting, Tax Records, Bank Records |
|
Accounting Records; Balance sheets and supporting documents
Loan account control reports
Budgets and Financial reports
Tax Returns and records
VAT Records as applicable
Order and delivery notes
Copy invoices Credit and debit notes Cash records
Journal Transfer documents Creditors, debtors and cash income control documents.
VAT related correspondence as applicable
Cheques Paying in counterfoils Bank statements and reconciliations Instructions to bank
| 6 years
6 to 10 years
Permanently
10 years
10 years
10 years
6 years 6 years 6 years
6 years 6 years
6 years
6 years 6 years 6 years
|
Contracts and Agreements |
|
Planning consents and permissions
Property maintenance records
Professional opinions
Contracts under seal and/or executed as a Deed
Contracts for supply of goods/services including professional services
Documentation relating to one off purchases
Loan agreements
Licensing agreements
Rental and hire purchase agreements Indemnities and guarantees
Documents relating to successful tenders
Documents relating to unsuccessful tenders
Forms of tender as applicable
| 12 years after interest ceases
6 years
6 years
12 years after complication including any defects liability period 6 years after completion including any defects liability period
3 years
12 years after last payment
6 years after expiry
6 years after expiry 6 years after expiry
6 years after contract ends
2 years after notification
6 years |
Vehicles | Subject to the Transport Commission and vehicle safety requirements |
Mileage records Maintenance records including MOT tests Copy registrations | 2 years after disposal 2 years after disposal
2 years after disposal |
Capital Assets |
|
Fixed Asset Register
| Permanently |
Income Tax and Social Security |
|
Record of taxable payments Record of tax deducted or refunded Record of earnings on which NI contributions payable Record of employers and employees NI contributions NIC contracted out agreements Copies of notices to employees i.e. P45 and P60 Inland revenue notice of code changes Expenses claims Record of sickness payments Record of maternity payments Income TAX PAYE and NI Returns Redundancy payment details Inland Revenue Approvals Annual earnings summary
Employee Pension Schemes; Actuarial Valuation Reports Detailed return of pension fund contributions
Annual conciliation of fund contributions Money purchase details Qualifying service details
Investment policies
Pension records
Records relating to retirement benefits
| 6 years 6 years 6 years
6 years
6 years 6 years
6 years
12 years Permanently 12 years
Permanently Permanently Permanently
6 years after transfer or value taken
12 years from end of benefits payable under policy 6 years after year of retirement |
Employee Records |
|
Application Forms and Interview notes for unsuccessful candidates | At least 6 months and not more than 1 year consideration for the varying time limits of discrimination claims and time limits. |
Salary and Wages records including overtime, bonus, expenses
Income tax, and NI returns and correspondence with HMRC | 6 years
Not less than years after the end of the financial year to which they relate |
National Minimum Wage records | 3 years after the end of the pay reference period following the one that the records cover |
Personal records and training records including disciplinary and working time records | 6 years after employment ceases |
Statutory sick pay records, calculations, certificates self-certificates | 6 years after employment ceases consideration for sensitive date under the GDPR requirements |
Parental Leave | 5 years from birth/adoption of the child or 18 years if child receives a disability allowance |
Retirement Benefits | 6 years from the end of the scheme year in which event took place |
Redundancy details, calculations of payment, refunds, notification to the Secretary of State | 6 years from the date of redundancy |
Time sheets | 2 years after audit |
Trade Union Agreements | 10 years after ceasing to be effective. |
Staff Works Council Minutes | Permanently |
Health and Safety |
|
Medical Records relating to: * Control of asbestos Control of substances hazardous to health Under the Ionising Radiations Biological tests under the control of lead Accident books, Accident records and reporting including RIDDOR |
40 years from the last date of last entry
3 years from the date of the last entry (if accident involving a child then until that person reaches age 21) Subject to incidents involving hazardous substances. * |
This website uses cookies to store information. By continuing to browse the website you are agreeing to their use. For more information view our cookie policy.