Privacy and Data Protection Policy
The new General Data Protection Regulations [GDPR] 2018 are enacted to give you more control over how organisations collect and use your personal data.
We take the responsibility of managing your data seriously and we recognise our responsibilities under GDPR in ensuring that all the data that we collect about you is adequately protected and regulated.
We only collect data to enable us to discharge our duties under environmental legislation or for accounting purposes, and also to keep in touch with you.
We never sell your data.
To ensure compliance with the new standard we will ensure that we:
- only collect and process data lawfully and in a transparent manner for only specified, explicit and legitimate purposes
- retain data for as long as is necessary for us to provide you with a service
- store data securely and in such a way as it is protected from unauthorised and unlawful processing, loss, destruction or damage. Data is stored in our cloud accounting system and on external hard-drive back-up systems.
- update data within a reasonable timescale if we are advised of any changes and ensure accurate management of this
- keep records of data breaches, informing individuals of the likely consequences and mitigation measures implemented to avoid reoccurrence as appropriate
- will provide staff training to ensure compliance with GDPR requirements and to maintain adherence to our data security procedures
In agreeing to this privacy notice you consent to us processing your personal data for the purposes outlined above and you have the right to withdraw consent at any time by contacting us via our contact page on our website.
This policy is reviewed annually and will form part of our ISO EN9001:2015 standard.