Cookies & Privacy
What Are Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.
The Cookies We Set
This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users.
When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
Third Party Cookies
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Analytics page.
From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
The Google AdSense service we use to serve advertising uses a DoubleClick cookie to serve more relevant ads across the web and limit the number of times that a given ad is shown to you.
For more information on Google AdSense see the official Google AdSense privacy FAQ.
We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including; Twitter, Facebook, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
Data Protection Statement of Intent.
Pakeeza Dairies Limited, (Pakeeza) needs to collect and use certain types of
information, (Data), about the Individuals or Service Users who come into contact
with Pakeeza, in order to undertake our operational activity and service provision.
This Data must be collected and dealt with appropriately whether it is collected on
paper, stored in a computer database, or recorded on other material or form of
From May 2018, the Data Protection Act 1998 will be replaced by the General Data
Protection Regulation (GDPR). The GDPR places greater emphasis on ensuring
Data is managed to prevent the misuse of Data and ensures the security of the Data
within an organisation.
2. Data Controller
Pakeeza is the Data Controller under the Regulations, which means that it
determines what purposes personal information held, will be used for. It is also
responsible for notifying the Information Commissioner of the data it holds or is likely
to hold, and the general purposes that this data will be used for.
Pakeeza may share data with other agencies such as the local authority, funding
bodies and other voluntary agencies.
The Individual/Service User will be made aware in most circumstances how and with
whom their information will be shared. There are circumstances where the law
allows Pakeeza to disclose data (including sensitive data) without the data subject’s
a) Carrying out a legal duty or as authorised by the Secretary of State
b) Protecting vital interests of an Individual/Service User or other person
c) The Individual/Service User has already made the information public
d) Conducting any legal proceedings, obtaining legal advice or defending any
e) Monitoring for equal opportunities purposes – i.e. race, disability or religion
f) Providing a confidential service where the Individual/Service User’s
consent cannot be obtained or where it is reasonable to proceed without
consent: e.g. where we would wish to avoid forcing stressed or ill
Individuals/Service Users to provide consent signatures.
Pakeeza regards the lawful and correct treatment of personal information/data as
very important to successful working, and to maintaining the confidence of those with
whom we deal.
Pakeeza intends to ensure that personal information/data is treated lawfully and
To this end, Pakeeza will adhere to the Principles of Data Protection, as detailed in
the General Data Protection Regulations, (previously the Data Protection Act).
Specifically, the Principles require that personal information/data, shall be:
a) processed lawfully, fairly and in a transparent manner in relation to
b) collected for specified, explicit and legitimate purposes and not further
processed in a manner that is incompatible with those purposes,
c) adequate, relevant and limited to what is necessary in relation to the
purposes for which they are processed,
d) accurate and, where necessary, kept up to date, personal data that is
inaccurate is erased or rectified without delay,
e) kept in a form which permits identification of data subjects for no longer
than necessary for the purposes for which the personal data are
processed. (Data may be stored for longer periods insofar as the data is
processed for archiving purposes).
f) processed in a manner that ensures appropriate security of the data,
protecting against unauthorised or unlawful processing, accidental loss,
destruction or damage, using appropriate technical or organisational
Pakeeza will, through appropriate management and strict application of criteria and
Observe fully conditions regarding the fair collection and use of information
Meet its legal obligations to specify the purposes for which information is
Commercial In Confidence – property of Pakeeza Dairies 2018.
Document Reference GDPR 001 Issue 1.0.
Collect and process appropriate information, and only to the extent that it
is needed to fulfill its operational needs or to comply with any legal
Ensure the quality of information used
Ensure that the rights of people about whom information is held, can be
fully exercised in line with the GDPR. These include:
o The right to be informed that processing is being undertaken,
o The right of access to one’s personal information
o The right to prevent or restrict processing in certain circumstances
o The right to rectification i.e. correct, rectify, block or erase
information which is regarded as wrong information.
o The right to data portability
o The right to object and
o rights in relation to automated decision making and profiling.
Take appropriate technical and organisational security measures to
safeguard personal information
Ensure that personal information is not transferred abroad without suitable
Treat people justly and fairly whatever their age, religion, disability, gender,
sexual orientation or ethnicity when dealing with requests for information
Set out clear procedures for responding to requests for information
4. Data collection (Lawful basis for processing).
Pakeeza, will ensure that data is collected within the boundaries defined in this
statement of intent. This applies to data that is collected in person, or by completing
In line with GDPR, Pakeeza, must demonstrate a valid lawful basis for the collection
and processing of personal information/data. Pakeeza also recognise that as part of
the collection and processing of data, this will include special category data.
Pakeeza have identified that the bases for processing of personal information/data in
line with the requirements of the GDPR, applicable to the operations, service
provision and activities of the organisation are:
1) Consent, the individual has given clear consent for Pakeeza to process their
personal data for a specific purpose.
2) Contract, the processing is required for a contract held between Pakeeza and the
individual, or because the individual has asked Pakeeza to take specific steps before
entering into the contract.
3) Legal Obligation, the processing of the data is required to ensure compliance
with the Law.
When collecting and processing data, Pakeeza, will ensure that the Individual/Service
a) Clearly understands why the information is needed and the lawful basis for
the collection and processing of the information.
b) Understands what it will be used for and what the consequences are
should the Individual/Service User decide not to give consent to
c) As far as reasonably possible, grants explicit consent, either written or
verbal for data to be processed.
d) Is, as far as reasonably practicable, competent enough to give consent
and has given so freely without any duress
e) Has received sufficient information on why their data is needed and how it
will be used.
Special Category Data.
Special Category Data, is personal information/Data, which is recognised as more
sensitive within the guidance of the GDPR. Pakeeza recognise that such special
category data includes:
Politics (Political views and preference).
Membership of a Trade Union or other recognised trade organisation
Pakeeza, in line with the requirements of GDPR, identify the following conditions for
the processing of special category data:
Article 9 (2)
(b) the processing of the special category data is necessary for the purposes of
carrying out the obligations and exercising specific rights of the controller, (Pakeeza)
or of the data subject in the field of employment and social security and social
protection law, in so far as it is authorised by Union or Member State Law or a collective
agreement pursuant to Member State Law providing for appropriate safeguards for the
fundamental rights and the interests of the data subject.
(f) the processing is necessary for the establishment, exercise or defence of legal
claims or whenever courts are acting in their judicial capacity.
(h) the processing is necessary for the purposes of preventive or occupational
medicine, for the assessment of the working capacity of the employee, medical
diagnosis, the provision of health or social care or treatment or the management of
health or social care systems and services on the basis of Union or Member State law
or pursuant to contract with a health professional and subject to the conditions and
safeguards identified within the GDPR.
5. Data Storage
Information and records relating to the data subject and service users will be stored
securely and will only be accessible to authorised staff as approved by Pakeeza.
Information will be stored for only as long as it is needed or required statute and will
be disposed of appropriately.
It is the responsibility of Pakeeza to ensure all personal and company data is nonrecoverable
from any computer system previously used within the organisation,
which has been passed on/sold to a third party.
6. Data access and accuracy
All Individuals/Service Users have the right to access the information Pakeeza holds
about them. Pakeeza will also take reasonable steps ensure that this information is
kept up to date by asking data subjects whether there have been any changes.
In addition, Pakeeza will ensure that:
It considers the need to appoint a Data Protection Officer with specific
responsibility for ensuring compliance with Data Protection in line with the
requirements of the GDPR.
Everyone processing personal information understands that they are
contractually responsible for following good data protection practice
Everyone processing personal information is appropriately trained to do so
Everyone processing personal information is appropriately supervised
Anybody wanting to make enquiries about handling personal information
knows what to do
It deals promptly and courteously with any enquiries about handling personal
It describes clearly how it handles personal information
It will regularly review and audit the ways it hold, manage and uses personal
It regularly assesses and evaluates its methods and performance in relation to
handling personal information
All staff are aware that a breach of the rules and procedures identified in this
policy may lead to disciplinary action being taken against them.
Breaches of security impacting on the storage of personal information/data is
investigated and actions taken to address the breach. (In line with the GDPR
that such breach is reported to the supervisory authority, (ICO), within 72
hours based on the likelihood and severity of risk to data subjects).
This Statement of Intent will be updated as necessary to reflect best practice in data
management, security and control and to ensure compliance with any changes or
amendments made to the General Data Protection Regulations, related regulatory
requirements or guidance.
In case of any queries or questions in relation to this policy please contact the
Pakeeza Dairies Limited Acting Data Protection Officer: Paul Doherty, Health, Safety
and Human Resource Manager.
Position: Health, Safety and Human Resource Manager. (DPO/Appointed Person)
Review Date: 23/05/2019.
Glossary of Terms
Data Controller – The person who (either alone or with others) decides what personal
information Pakeeza will hold and how it will be held or used.
Data Protection Act 1998 – The UK legislation that provides a framework for responsible
behaviour by those using personal information. (To be replaced by the General Data
Protection Regulation in May 2018).
General Data Protection Regulation – The General Data Protection Regulation (GDPR)
(Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of
the European Union and the European Commission intend to strengthen and unify data
protection for all individuals within the European Union (EU).
Data Protection Officer – The person(s) responsible for ensuring that Pakeeza
follows its data protection statement of intent, related policies and procedures and that
Pakeeza complies with the Data Protection Act 1998 / GDPR.
Individual/Service User/data subject – The person whose personal information is being
held or processed by Pakeeza for example: a client, an employee, or supporter.
Explicit consent – is a freely given, specific and informed agreement by an
Individual/Service User in the processing of personal information about her/him. Explicit
consent is needed for processing sensitive data.
Notification – Notifying the Information Commissioner about the data processing activities of
Pakeeza as certain activities may be exempt from notification.
The link below will take to the ICO website where a self-assessment guide will help you to
decide if you are exempt from notification:
Information Commissioner – The UK Information Commissioner responsible for
implementing and overseeing the Data Protection Act 1998 and GDPR.
Processing – means collecting, amending, handling, storing or disclosing personal
Personal Information – Information about living individuals that enables them to be identified
– e.g. name and address. It does not apply to information about organisations, companies
and agencies but applies to named persons, such as individual volunteers or employees
Sensitive data – refers to data about:
Racial or ethnic origin
Religion or similar beliefs
Trade union membership
Physical or mental health
Criminal record or proceedings
Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However if you are still looking for more information then you can contact us through one of our preferred contact methods.