Data Protection Policy.
Introduction
This Data Protection Policy outlines the approach of Toast Design Consultancy Limited (“the Company”) to protect personal data in compliance with data protection laws, including the General Data Protection Regulation (GDPR). This policy is an internal document and is not intended for public distribution. It should be read and understood by all staff, contractors, and consultants involved in processing personal data on behalf of the Company.
Purpose
This policy aims to ensure that the Company complies with data protection laws and regulations, respects the privacy of individuals, and maintains the confidentiality and integrity of personal data.
Scope
This policy applies to all personal data the Company processes, including data collected from clients, employees, suppliers, and other third parties.
Principles
The Company adheres to the data protection principles set out in the GDPR, which include:
- Lawfulness, fairness, and transparency
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
Roles and Responsibilities
The Data Protection Officer (DPO) is responsible for overseeing the implementation of this policy and ensuring compliance. All staff members are required to read and adhere to this policy.
Lawful Processing
The Company will ensure that personal data is processed lawfully, fairly, and transparently. Consent will be obtained where required, and data will only be used for the purposes for which it was collected.
Data Minimisation
The Company will collect only the data that is necessary for the intended purpose and will not retain data longer than necessary.
Security Measures
The Company will implement technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.
Staff Training
All staff will receive training on this policy and the GDPR. Regular audits will be conducted to ensure compliance.
Data Subject Rights
The Company will respect the rights of data subjects, including the right to access, rectify, or erase their data.
Review
This policy will be reviewed annually or as required by changes in data protection laws.
Compliance
Failure to comply with this policy may result in disciplinary action, up to and including termination of employment.
Note that this content is © Toast Design Consultancy Limited 2022–2024. All rights resererved. Do not copy this content for your own purposes.
