GDPR AND DATA PROTECTION STATEMENT
We are committed to data privacy and protection of our clients’ data. GDPR compliance for us has required the development of our current information security management, improving and maintaining key data protection and privacy controls, and auditing the information we hold. In order to ensure our continued and improved compliance with GDPR we will follow the below principles:
· To process data fairly and lawfully;
· Processing data only for specified and lawful purposes;
· Data processed is adequate, relevant, and not excessive;
· Data processed is accurate and, where necessary, kept up to date;
· Data is not kept long than necessary;
· Data is processed in accordance with an individual’s consent and rights;
· To store data securely; and
· To ensure that data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection.
What does this mean for our Clients?
We will only process your data if it complies with the principles set out above. If at any point, you feel that data we hold for you is inaccurate or needs to be updated, please inform us as soon as possible, and we will arrange for this to be amended.
GDPR also gives individuals the right to be forgotten. If you would like to exercise your right to be forgotten, please contact us at firstname.lastname@example.org to outline what data you would like us to remove and your reasons. There may be circumstances where we will be unable to process your request. However, we will assess each request on an individual basis.