Privacy Policy

Data Protection Policy Statement

Our Business 
Arco’s mission is to keep people safe at work. We focus on ensuring our customers have access to quality and compliant products from an ethical supply chain. We are an integral part of our customers’ supply chains and we pride ourselves on being a well-governed, ethical and compliant supplier. We endeavour to use our relationships across the world to improve compliance, quality and ethical trading standards. 

Our policy and related guidance are intended to meet our compliance obligations as well as supporting our stakeholders to meet theirs. 

In this Data Protection Policy Statement (‘Policy’) and any supporting guidance (‘Guidance’), ‘We’ or ‘Arco’ refers to Arco Limited and its subsidiaries and ‘our’, ‘us’ or any equivalent phrase shall be interpreted accordingly.

As defined by the General Data Protection Regulation (GDPR) Arco Ltd is the Data Controller and ultimately responsible for ensuring the data you provide is kept secure, processed correctly and that you understand your legal rights in relation to the data you provide.

The recruitment software we use via this website is supplied by IRIS Software Group Limited and they are defined as a Data Processor under the GDPR. They will only process your data in accordance with our instructions.

IRIS can be contacted at: 4th Floor Heathrow Approach, 470 London Road, Slough, England, SL3 8QY

For Data Protection enquiries, please contact the Help Desk at


What is the Data Protection Act? 

The Data Protection Act 2018 (DPA) and this Policy protects the privacy and security of personal data (‘Personal Data’) relating to our employees, vendors, suppliers, service providers, customers, professional advisers and other business associates (together our ‘Commercial Partners’) when conducting business with  us and regulates how we handle and treat such information. 

Failure to comply with the DPA could cause reputational damage and could result in severe civil penalties being imposed upon us or our Commercial Partners. 

What is Personal Data and how do we use it? 

Personal data is any information relating to an identified or identifiable individual. This includes a person’s name, postal address, email address and telephone number, whether personal or work-related. It also includes sensitive personal data such as information on an individual’s racial or ethnic origin, political opinions, 
religious or similar beliefs, trade union membership (or non-membership), physical or mental health or condition, sexual life, genetic or biometric information. In the course of our business, we may collect, hold and use personal data relating to, amongst others, our colleagues, employees of our Commercial Partners, and applicants for employment with Arco. 

Our Policy 

We want to create an environment of confidence and trust that encourages people generally and, our customers and Commercial Partners in particular, to share personal data with us as appropriate for our business needs. 

We expect all colleagues and all Commercial Partners to comply with their obligations under the DPA and any applicable contracts or data processing agreements. We do not tolerate any breach of the DPA or any other local, national or international laws or regulations in relation to data protection or privacy (as we would not tolerate any other breach of applicable rules and laws). 

This Policy and any Guidance are intended to ensure that we maintain the highest standards. 

Application of this Policy 

This Policy applies to Arco and all Arco colleagues. All our colleagues must read, apply and comply with their obligations under this Policy and Guidance. 

This Policy is also relevant to our Commercial Partners when conducting business with us; for example this Policy is reflected in our Supplier Code of Conduct. We will not work with Commercial Partners who are not committed to complying with applicable laws and standards.