We are responsible for collecting, processing, storing and safe-keeping personal and other data as part of our business activities.
We manage personal information in accordance with the General Data Protection Regulation (EU) 2016/679 (“The GDPR”) and the Data Protection Act 2018 (“The DPA”) and are registered Data Controllers with the Information Commissioners Office (ICO).
The GDPR and DPA control how personal information we hold on our customers and staff is used. Everyone using the data has strict rules to follow, called Data Protection Principles. We will make sure all the data we hold is:
- Used fairly, lawfully and in a transparent manner;
- Collected for specified, explicit and legitimate purposes and not processed in a manner which is incompatible with those purposes;
- Adequate, relevant and limited to what is necessary in relation to the purpose the data is being used for;
- Accurate and, where necessary, up to date;
- Kept for no longer than is necessary; and
- Kept securely so that data is protected against unauthorised use, accidental loss, destruction or damage.
Full details of our responsibilities and policy for handling data can be found in our Data Protection Policy.