Back
E&E WORK TMS

UK GDPR Policy

Version 1.0Last updated 1 June 2026

1. Our Commitment

E&E WORK LTD is committed to processing personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy outlines how we fulfil our obligations as a data controller under these frameworks.

2. Data Controller Information

E&E WORK LTD is the data controller for all personal data processed through the E&E WORK TMS platform. We are registered with the Information Commissioner's Office (ICO) as required by UK law.

3. Principles We Adhere To

All personal data processed by E&E WORK TMS is handled in accordance with the following UK GDPR principles:

  • Lawfulness, fairness and transparency: data is processed on a clear legal basis and communicated clearly to users
  • Purpose limitation: data is collected for specified, explicit purposes and not processed incompatibly
  • Data minimisation: only data necessary for the stated purpose is collected
  • Accuracy: reasonable steps are taken to ensure data is accurate and kept up to date
  • Storage limitation: data is not retained beyond its lawful purpose
  • Integrity and confidentiality: appropriate technical and organisational measures protect data from unauthorised access, loss, or destruction
  • Accountability: we can demonstrate compliance with these principles

4. Lawful Basis for Processing

Each category of personal data we process has an identified lawful basis. Where consent is required (e.g. push notifications), it is obtained explicitly and separately from other consents. Consent may be withdrawn at any time without penalty.

5. Data Subject Rights

We support and facilitate the following rights under UK GDPR:

  • Right of access (Subject Access Request)
  • Right to rectification
  • Right to erasure ("right to be forgotten") where applicable
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making and profiling

Requests must be submitted to privacy@eandework.co.uk. We will respond within 30 calendar days.

6. International Transfers

Data may be processed by infrastructure providers outside the UK. Where this occurs, we ensure adequate safeguards are in place, including Standard Contractual Clauses or equivalent mechanisms approved under UK law.

7. Data Breach Notification

In the event of a personal data breach that poses a risk to individuals' rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay.

8. Data Protection Officer

While a formal DPO may not be legally required at our current scale, we have designated a data protection lead responsible for GDPR compliance. Contact: dpo@eandework.co.uk

9. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection: ico.org.uk | 0303 123 1113

Terms & ConditionsPrivacy PolicyGDPR PolicyCookie PolicyPush Notifications

© 2026 E&E WORK TMS. All rights reserved.