What This Covers
We process personal data to deliver our services (facilities management, cleaning, refurbishment, compliance and government contracting), manage our relationship with clients and suppliers, operate our websites/systems, recruit and support our people, and keep sites safe.
The Data We Handle
- Identity & contact: name, role, email, phone, address.
- Business records: contracts, purchase orders, site logs.
- Usage & technical: device/IP, pages visited, cookies (see Cookies section).
- CCTV & access control at certain premises.
- HR & recruitment information for applicants/employees.
We only collect what is adequate, relevant and necessary.
Why We Use Your Data (Lawful Bases)
- Contract: to provide services and manage accounts.
- Legal obligation: H&S, tax, audit, RIDDOR/COSHH, procurement.
- Legitimate interests: site security (CCTV), service analytics, preventing fraud, managing supplier performance (balanced against your rights).
- Consent: only for optional uses such as certain marketing cookies/emails (you can withdraw at any time).
- Vital interests/public task: rare, e.g., incident response on sites or work for public-sector clients.
How Long We Keep It
We keep data no longer than necessary (e.g., most contracts/finance: 6 years; CCTV: ~30 days by default; recruitment: 6 months unless retained with consent). See our full Retention Schedule in the policy.
Sharing and Locations
We share data with trusted processors (e.g., IT hosting, HR/payroll, security) under UK GDPR Article 28 contracts. We don’t sell data. If data leaves the UK, we use adequacy, the UK IDTA or the UK Addendum to SCCs, plus a Transfer Risk Assessment.
Security
We apply technical and organisational measures including encryption, access controls/MFA, network protection, backups, secure disposal, processor due diligence and staff training. We operate an information security programme aligned to ISO 27001/27701 principles.
Your Rights
You can request:
- Access to your data; rectification; erasure; restriction; portability; objection (including to direct marketing); and information about automated decision-making (we don’t currently use fully automated decisions with legal or similar effects).
How to exercise your rights: email info@stravica.uk