Data Protection policy

Data Protection Policy

Data Obtained and processed fairly and lawfully

  1. All data obtained is done so at the consent of the data subject
  2. No data obtained from the data subject will be obtained under duress or harassment

Data obtained for a specific purpose and is adequate and not excessive for the purpose

  1. Data cannot be used other than for the purpose it was advertised to be used for
  2. If the original data is to be used for any other purpose than that which it was originally obtained for then we will seek the consent of the data subject

Data not kept for longer than is necessary

  1. The data subject will be made aware of how long the data obtained is to be kept for
  2. Such data will not be kept for any longer than the time the data subject was made aware at the time the data was obtained
  3.  If the data is to be kept longer than as agreed, then the data subject will need to agree to same

Data to be processed in accordance with the data subject rights

The rights of the data subject are namely:

Right to privacy

  1. Right to freedom of information
  2. Right to protection of personal data
  3. The right to request that we stop using his or her data
  4. The right to request to see the data we hold on his or her behalf

Data to be kept safe from unauthorized access, accidental loss or destruction

  1. Firewalls and anti-phishing database tools will be installed to protect data
  2. Norton Security is installed on all computers within the organization in respect of electronic data
  3. Our Website has inbuilt password security and procedures to prevent hacking
  4. Adequate backup procedures are maintained such as “cloud”

Data Transfer

  1. Data will not be transferred outside of the EU unless the data subject has consented to it being transferred
  2. Data will not be transferred outside of the EU unless the country to which it is being transferred to has equivalent levels of protection for personal data