The Company takes the security and privacy of your data seriously. We gather and use information or ‘data’ about you as part of our business and to manage, develop and enhance our relationship with you. We intend to comply with our legal obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security. We have a duty to notify you of information contained in this policy.
This general policy applies to all personal data we may hold. The Company has measures in place to protect the security of your data as set out in this policy. The Company will hold data for as long as is necessary for the purposes for which it was collected, or until a subject access request is received to delete it. This policy explains how the Company will hold and process your information and explains your rights in respect of the data we hold. Data Protection Principles
Personal data must be processed in accordance with six ‘Data Protection Principles.’ It must:
be processed fairly, lawfully and transparently;
be collected and processed only for specified, explicit and legitimate purposes;
be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;not be kept for longer than is necessary for the purposes for which it is processed; and be processed securely.