We endorse and adhere to the Data Protection Principles. When processing data we will ensure it is:
Kept in a form which permits identification of the data subject for no longer than is necessary.
Processed in a manner that ensures security of personal data.
Processed by a controller who can demonstrate compliance with the principles.
Processed transparently, fairly and lawfully.
Limited to what is necessary in relation to the purpose.
Processed no further than the legitimate purposes for which that data has been collected.
Accurate and kept up to date.
Furthermore, the Company will:-
Ensure that the information is held for no longer than is necessary.
Fully observe the conditions regarding having a lawful basis to process personal information.
Where required, meet its legal obligations specifying the purposes for which information is used.
To the extent necessary, collect and process appropriate information only to fulfil operational needs or comply with any legal requirements.
Ensure information held is up to date and accurate.
Ensure that the rights of people about whom information is held may be fully exercised under GDPR. Including the right to access personal information on request, to prevent processing in certain circumstances, and, where deemed necessary correct, rectify, block or erase any wrongly held information.
Instigate appropriate organisational and technical security measures in order to safeguard personal information.
Ensure that personal information is not transferred outside the UK, to other countries or international organisations without an adequate level of protection.