Data Protection Policy

Data Protection Policy

1. Purpose: Ensures safeguarding of personal data against unauthorized access, complying with data protection laws.

2. Scope: Encompasses all personal data processed by us.

3. Data Collection:

   • Collected only for explicit purposes with necessary consent.

4. Data Use and Access:

   • Access limited to need-to-know basis, protected by encryption and access controls.

5. Data Storage and Retention:

   • Stored securely using encrypted methods; retained only as needed, then securely deleted.

6. Data Subject Rights:

   • Facilitate access, correction, and deletion requests from data subjects.

7. Data Transfers:

   • Adequate protections for any data transferred externally.

8. Training and Awareness:

   • All staff undergo regular data protection training.

9. Breach Notification:

   • Authorities and data subjects are promptly notified in the event of a breach.

10. Review and Compliance:

    • Conduct regular audits; policy updates reflect legal or procedural changes.