Have you been asked for additional policies for Tender Responses?
All public sector tenders will include a requirement for comprehensive statements on modern slavery, the General Data Protection Regulation (GDPR) and Health, safety and Environment (HSE) in the standard supplier questionnaire (SSQ). These areas reflect critical legal and ethical obligations that any supplier must meet to be considered.
Here we’ve broken down some of the key points that should be included in each of these statements to ensure your response meets all current standards and regulations.
Modern Slavery Statements made simple
The Modern Slavery Act 2015 states that all organisations operating in the UK must share the steps they’re taking to combat modern slavery within their operations and supply chains. A good modern slavery statement should address the following key points:
- Commitment and policy: Clearly outline your organisation’s commitment to preventing modern slavery and human trafficking. This includes an overview of your anti-slavery policies and how they’re embedded into your business.
- Risk assessment and due diligence: Describe the processes your company uses to identify and assess risks related to modern slavery in your supply chain. This might include supplier audits, due diligence checks and risk assessments.
- Training and awareness: Explain the training programs you use to raise awareness among employees and suppliers about modern slavery risks and the importance of ethical labour practices.
- Performance monitoring: Outline how you monitor and evaluate the effectiveness of your anti-slavery measures. Include any key performance indicators (KPIs) or targets you use to track progress.
- Remediation process: Provide information on how your organisation would address any instances of modern slavery. This could include action plans, support for affected workers and collaboration with the appropriate authorities.
GDPR a must if you are processing information
The GDPR requires organisations to manage personal data responsibly and transparently. Your GDPR statement should include:
- Data protection policies: Summarise your data protection policies, ensuring they’re aligned with GDPR requirements. This should cover the principles of data processing, including lawfulness, fairness, transparency and purpose limitation.
- Data handling practices: Explain how your organisation collects, processes, stores and deletes personal data. This includes the security measures you have in place to protect data from breaches and your procedures for data retention and deletion.
- Data subject rights: Provide information on how individuals can exercise their rights under GDPR, such as the right to access, correction, deletion and data portability. You should also clarify your process for handling data subject requests and complaints.
- Third-party data sharing: Explain how personal data is shared with third parties, if appropriate, ensuring compliance with GDPR. This should include details on your data processing agreements with all suppliers and partners.
- Data breach management: Outline your organisation’s data breach response plan, including how you would notify the relevant authorities and affected individuals.
The big one Health, safety and environment statements
Health, safety, and the environment are crucial aspects of good business, particularly in industries where there are significant risks. An effective HSE statement should cover:
- HSE policy and commitment: Describe your organisation’s HSE policies and your commitment to maintaining a safe and healthy working environment. Highlight any certifications, such as ISO 45001 or ISO 14001, that demonstrate adherence to recognised standards.
- Risk management: Detail how your organisation identifies, assesses and manages health, safety and environmental risks. This might include risk assessments, hazard identification processes and incident reporting mechanisms.
- Training and competence: Provide information on HSE training programs for employees, contractors and suppliers. This should cover both general and role-specific safety training.
- Monitoring and reporting: Explain the procedures in place for monitoring HSE performance, including regular audits, inspections and reporting on incidents and near-misses.
- Continuous improvement: Highlight your organisation’s commitment to continuous improvement in HSE practices. This can include setting targets, implementing improvement plans and reviewing HSE policies regularly.
Key takeaways
Including carefully considered and comprehensive statements on modern slavery, GDPR, and HSE in your tender responses is not only a legal necessity but also a reflection of your organisation’s commitment to ethical and responsible business practices. By addressing these key areas thoroughly, you can demonstrate to potential clients that your organisation is a trustworthy and compliant partner in any tender process.
That said, if this all sounds like a lot of work, don’t fear. Tender Response offers a suite of template statements, including modern slavery, GDPR and HSE, that you can tailor to your organisation. Get in touch today to find out how we can help.
This article was posted by:
Vicky Poole
Vicky Poole, with 15 years in strategic sales, specialises in Commercial, Government, and Third Sector tenders. Founder of Tender Response, she leads a team aiding SMEs in public sector bids.
View all posts by Vicky Poole