The Company does not comply with any specific corporate governance code, including the Combined Code. However, the Board intends to comply with the principles of good governance and the recommendations of best practice as set out in the Combined Code so far as is practicable and appropriate for an AIM company of its size and, in this connection, the Board shall take into account the guidance issued by the Quoted Companies Alliance.
The Board meets six times a year and is responsible for formulating, reviewing and approving strategy, budgets, acquisitions, capital expenditure and senior personnel appointments. The executive directors and senior management meet regularly to consider operational matters. The Board comprises of an Executive Chairman, one Executive Director and three Non-Executive Directors. Two of the Non-Executive Directors are independent of the executive management.
Following admission to AIM, the Directors established an audit committee and a nomination committee with formally delegated rules and responsibilities. A remuneration committee has been in place since November 2004. The audit committee, remuneration and nomination committees meets at least once a year.
The Audit Committee’s primary responsibility is to ensure that the financial performance, position and prospects of the Company are properly monitored and reported on, and for meeting the auditors and reviewing their reports relating to accounts and internal controls. The committee comprises Faisal Rahmatallah, Richard Vessey, Keith Butler-Wheelhouse and Andrew Walker (chairman).
The Remuneration Committee has been in place since November 2004. Its primary responsibility is to review the performance of all directors save for the Non- Executive Directors and set the scale and structure of their remuneration and the basis of their service agreements with due regard to the interests of shareholders. The remuneration committee also determines the payment of bonuses to all directors save for the Non-Executive Directors and make recommendations to the trustees of the LTIP regarding share awards to employees. The committee comprises Faisal Rahmatallah, Keith Butler-Wheelhouse (chairman), Andrew Walker and Richard Vessey.
The Nomination Committee’s primary responsibility is to consider new or replacement appointments to the Board. The committee comprises Faisal Rahmatallah, Keith Butler-Wheelhouse, Andrew Walker and Richard Vessey (chairman).
In addition, the Company has adopted a dealing code for all Directors and employees in terms no less exacting than the Model Code for Directors’ Dealings as set out in the Listing Rules of the UK Listing Authority and will take all reasonable steps to ensure compliance by the Board and any relevant employees.
In addition, the Company has adopted a dealing code for all Directors and employees in terms no less exacting than the Model Code for Directors’ Dealings as set out in the Listing Rules of the UK Listing Authority and will take all reasonable steps to ensure compliance by the Board and any applicable employees.
The EU General Data Protection Regulation (GDPR) has the aim of harmonising data protection and processing laws across the European Union and giving individuals stronger rights of access and control of their personal data.
Plastics Capital plc (the Company) will continue to ensure the security and protection of personal data which is held within the Plastics Capital group of companies (the PC Group). Accordingly the Company will comply, and cause each member of the PC Group to comply, with the provisions of GDPR in a manner, which is appropriate and proportionate to the size, type and geography of that member’s business, and in particular it will, and cause each such member to, process and protect personal data in accordance with the responsibilities and principles set out in GDPR.
GDPR will apply to all members of the PC Group, as in the course of its business the PC Group will process data relating to individuals, which is personal to those individuals. GDPR describes such data as Personal Data and such individuals as Data Subjects.
In compliance with the provisions of GDPR, each member of the PC Group will accordingly adhere to the following data protection principles:
a) process Personal Data lawfully, fairly and in a transparent manner;
b) collect Personal Data for specified, explicit and legitimate purposes and will not process it in a manner that is incompatible with those purposes;
c) only process Personal Data that is adequate, relevant and limited to what is necessary in relation to the purposes for which the Data has been processed;
d) ensure that Personal Data is accurate and, where necessary, kept up to date;
e) keep Personal Data in a form which permits identification of the Data Subject for no longer than is necessary for the purposes for which the Data has been processed; and
f) retain Personal Data in an appropriately secure manner which will include its protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Each member of the PC Group is also committed to ensuring that the rights of the Data Subject about whom Personal Data is held will be fully upheld, including in particular the rights to:
a) know that Data is being processed;
b) access the Data;
c) object to or restrict processing of the Data; and
d) correct, rectify, block or erase any Data, which is wrong.
Each member of the PC Group recognises that Personal Data can only be processed on a lawful basis and accordingly its policy will be to determine such lawful basis before it does so and will document this.
GDPR sets out examples of lawful bases for processing Personal Data and these include in particular where processing:
a) has been consented to by the Data Subject;
b) is necessary for the performance of a contract with the Data Subject or for taking steps to enter into a contract;
c) is necessary for compliance with a legal obligation;
d) is necessary for the purposes of legitimate interests pursued by the controller or a relevant third party, except where the law requires such interests to be overridden by the interests, rights or freedoms of the Data Subject.
Each member of the PC Group will consider how long it intends to store information containing Personal Data and determine the criteria for doing so. After expiry of the retention period, unless there is a sound business reason to retain them beyond this period, the records containing Personal Data will be disposed of securely and destroyed effectively.
All employees of each member of the PC Group are required to adhere to this policy and other policies of confidentiality of the Company or the relevant member, together with any instructions which may be given from time to time by the Data Protection Compliance Manager of the relevant member, so that the integrity, confidentiality and security of the Personal Data which that member processes and to which its employees may have access is protected.
Employees are also required to take particular care with regard to protecting special categories of Personal Data and criminal records data.
Each member of the PC Group and its employees must:
a) only access Personal Data that they are permitted to access and only for authorised purposes;
b) not allow any other person (including other staff) to access Personal Data unless the employee knows that they have the appropriate permissions;
c) keep Personal Data secure (for example by complying with rules on access to premises), computer access, password protection, encryption and secure file storage and destruction)
d) not remove Personal Data (including Personal Data in files), or devices containing Personal Data (or which can be used to access it), from the premises of the relevant member unless appropriate security measures are in place (such as encryption or password protection) to secure the information and the device;
e) not store Personal Data on local drives or on personal devices that are used for work purposes.
The Company and each other member of the PC Group may be legally required to share Personal Data with other bodies or agencies, such as government or other official bodies, in some of the circumstances set out above and where prior consent may not have been given beforehand by the Data Subject.
Subject to such exceptions and any other relevant provisions of GDPR, Personal Data will not be disclosed to any unauthorised persons or third parties.
7. ADDITIONAL INFORMATION
Policy Operational Date: 25 May 2018
Preparation of Policy: prepared by Nick Ball, Group Finance Director and Data Protection Compliance Leader for the Plastics Capital Group and Data Protection Compliance Manager of the Company.
Approval of Policy: approved respectively by the board of Plastics Capital plc, the ultimate parent company of the Company, and the board of the Company following consultation with the senior management of the Company.