Our data protection policy sets out our commitment to protecting client data and how we implement that commitment with regards to the collection and use of client data.
We are committed to:
- Ensuring that we comply with the data protection principles, as listed below.
- Ensuring that data is collected and used fairly and lawfully.
- Processing client data only in order to meet our operational needs or fulfill legal and contractual requirements.
- Establishing appropriate retention periods for client data.
- Ensuring that data subjects’ rights can be appropriately exercised.
- Providing adequate security measures to protect client data.
- Ensuring that all consultants are made aware of standard practice for data protection.
- Ensuring that queries about data protection, internal and external to the organization, is dealt with effectively and promptly.
- Regularly reviewing data protection procedures and guidelines within the institution.
Our data protection principles:
- Client data shall be processed fairly and lawfully.
- Client data shall be obtained with the purpose of completing our contractual obligation to the Client, and shall not be further processed in any manner incompatible with that purpose.
- Client data (processed or unprocessed) shall not be kept for longer than is necessary to complete our contractual obligation to the Client.
- Appropriate technical and organizational measures shall be taken against the unauthorized processing of Client data, and against the accidental loss, destruction, or damage to client data.