Whilst we are exempt from registering with the General Data Protection Register (GDPR) we respect the privacy of our stakeholders and employ best practice to adhere to the principles of the Data Protection Act 1998.
We save the minimum possible personal information about our customers and prospects, it is usually limited to names, all other information belonging to the company. Data is entered, viewed and amended on password protected software by the operational team.
We will not share personal details without the permission of the individual concerned. Individuals have the right to view their personal data and we will respond to all requests to do so in a in a timely manner.
Passwords will be changed annually or immediately following the resignation of an authorised user.
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we will promptly assess the risk to people’s rights and freedoms.
This policy will be reviewed annually.