Does Your Umbrella Company Comply With GDPR?

Does Your Umbrella Company Comply With GDPR?

Like all compliant umbrella companies, here at i4 Services we have a Privacy Policy which applies to all our contractors. In it we explain why we collect the personal information we hold on you, what we use it for, and how you’re protected. Here we look at why complying with GDPR is important and how we uphold these standards.

What is GDPR?

The Data Protection Act (2018) is the UK’s version of the EU’s General Data Protection Regulation (GDPR). The Act describes how your personal information can be used by various bodies, such as businesses, organisations and the Government, and what rights and protections you have against its misuse or wrongful dissemination. 

According to the Act anyone who collects personal data must ensure that the information is used in a way that is fair, lawful and transparent, for specific purposes only, that is relevant and its use limited to what is absolutely necessary, is accurate and, if stored, kept up-to-date, held for no longer than is necessary, and handled in a way that is appropriately secure and includes protection against unauthorised or unlawful processing, loss, access, damage or destruction. 

The act provides even stricter legal protection for sensitive personal information about your race and ethnic background, any political views that you have, your religious beliefs, if you’re a member of a trade union, your genetic make-up, the state of your health, and your sexual orientation. 

You have the right to know what information is held by you and how it’s being stored. You also have the right to correct any mistakes, have your data erased, stop or restrict anyone processing your data, and object to how it’s being used.  

GDPR and Umbrella Companies

As your employer we naturally have to ask you for certain details – your name, address, contact details, bank account number, National Insurance number etc, in order to process your payments and ensure that you pay the right amount of contributions. We also have to be sure that you are entitled to work legally in the UK so we need to have confirmation of your proof of identity. We take the protection and privacy of our employees very seriously and always treat the information you give us as completely confidential. 

We only use the information you give us to fulfil our contract with you as our employee, to comply with any legalities or statutory regulations that we have to adhere to, to help us respond more efficiently to any requests you might have, or to help you use the services we provide. If we want to use it for anything else we have to ask for your permission. The only time we’ll share your information is with either the recruitment agency you found your work through, or with UK authorities when we’re legally obliged to do so. And we’ll never sell your data to anyone outside our company. Finally, we’ll protect your data with the strongest possible security measures, and always use a secure, encrypted method of transferring any information to you via our website.

If your current umbrella company doesn’t follow GDPR regulations to the letter, or you feel your data is vulnerable in any way this can be a sign of non-compliance within the FCSA’s Charter (Compliance with Laws and Regulations, 4.2 ‘Members will ensure they comply with all relevant legislation relating to their business, including but not limited to legislation relating to equal opportunities, health and safety, taxation, right to work, money laundering, data protection, Modern Slavery Act (where applicable), and competition.’) and is an indication of unreliability in many other vital areas. We work hard to keep your data safe and pride ourselves on being open, honest and transparent so you have one less thing to worry about. 

If you’d like more information about how we protect your data, as well as providing you with so much more, call us on 0800 084 3058, email us at, or fill in the contact form here.