Data Protection Policy
Our approach to handling personal data responsibly.
Purpose
This policy sets out how we comply with data protection laws and protect personal data.
Data protection principles
We process personal data in accordance with the following principles:
- Lawfulness, fairness, and transparency.
- Purpose limitation.
- Data minimization.
- Accuracy.
- Storage limitation.
- Integrity and confidentiality.
- Accountability.
Roles and responsibilities
All staff and contractors must protect personal data and follow approved processes. Management is responsible for oversight and compliance.
Lawful basis
We only process personal data where a lawful basis applies, such as contract, legal obligation, legitimate interests, or consent.
Data subject rights
We respect the rights of individuals, including access, rectification, deletion, and objection.
Data security
We use appropriate technical and organizational measures to protect personal data from loss, misuse, and unauthorized access.
Data breaches
Suspected data breaches must be reported immediately so we can investigate and notify authorities if required.