The very nature of our business means we handle personal data about those we employ, our customers, partners and users of our services. This will include sharing personal data with our suppliers and partners. We have an important duty to respect this data and ensure it is protected and handled responsibly and only used for the purpose for which it was provided. We take our obligations under data protection and privacy laws across the world very seriously.
Personal data means any information relating to or capable of identifying an individual, whether directly or indirectly. This means that the information says or reveals something private, personal and of meaning about someone, and that it must reveal who that person is (either by itself, or when combined with other information that we hold). This information may relate to any person who has directly or indirectly come into contact with Serco.
Personal data has a wide scope and includes: contact details, such as names, addresses, telephone numbers, email addresses and dates of birth; salary; opinions about someone; identification numbers; IP address and biometric data (i.e. fingerprint or iris scan data); information contained in call recordings; CCTV and other information related to your employment and the services we provide to our customers, partners and the users of our services.
There are more stringent privacy rules on how we manage ‘sensitive’ personal data which includes ethnic background, political opinions, religious beliefs, health, sexual health and criminal records etc.Read more
For more information download:
Data Protection Group Standard Operating Procedure (Access - Serco Employees only)
Security Group Standard (Access - Serco Employees only)
Stop and think?
Only manage personal data in accordance with the data protection principles and respect the privacy of individuals. If you see personal data is being mismanaged speak up and if in doubt, speak to your line manager or Information Security Lead.