Privacy Policy

We collect, store and process large amounts of personal data. We accept our responsibility to ensure that such personal data is kept secure, handled with care and in compliance with applicable data protection and privacy laws. We understand the need to collect, store and process personal
data, and we are committed to protecting the personal data of our customers, suppliers and employees.

Our policy is to:

  • implement processes and procedures which meet Data Protection requirements and are easily understood by staff and data subjects
  • collect personal data for specified, explicit and legitimate purposes, processing it fairly, lawfully and in a transparent manner which is relevant and limited for the purposes for which it is processed
  • report, record and properly address breaches of applicable data privacy laws and regulations in a timely manner including notifying appropriate supervisory authorities within required regulatory timescale
  • be responsible for, and demonstrate, compliance with this policy, Data Protection standards and operating procedures and applicable data privacy laws and regulations and deploy competent resources to advise and train staff
  • ensure that the principles of data protection by design and by default are taken into consideration when processing personal data
  • ensure that personal data is accurate and kept up to date and only retained for as long as is necessary to achieve its specified purpose(s) and in accordance with applicable law
  • use appropriate technical and organisational security measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage
  • ensure appropriate data protection obligations are contained in the written contracts we have with all third parties to whom we disclose, or from whom we receive personal data
  • protect data and take appropriate measures when personal data is being transferred within and outside the Company, as well as to other jurisdictions
  • respect and comply with the statutory rights available to data subjects in the relevant jurisdiction.

We will put this policy into practice by applying policies, operating procedures and processes to ensure the protection of personal data.