Data Protection Policy
Under the terms of the Data Protection Act 1998, because the Group maintains personal computerised data for the provision of its legal services, it is required to notify the fact to the Data Protection Commission. The notification has to be renewed annually. Kieron Kent as Managing Director makes this notification.
Kieron Kent is the Data Protection Officer, who has responsibility for the policy and for managing the firm’s data protection/data privacy obligations and processes. He is also responsible for ensuring that the policy is reviewed annually by the Board – most likely at their annual strategy meeting.
We will only store information necessary for the purposes of our business. We will not disclose information without prior consent, unless required to do so by legislation or court order.
As part of the firm’s staff administration, the following personnel records are kept. If a member of staff wishes to have a copy of their own record, they should ask Kieron Kent and a copy will be provided. These records are kept in confidence and can be accessed by arrangement with Kieron Kent only
- surname;
- forenames;
- address and post code;
- telephone number;
- date of birth;
- NI number;
- next of kin contact during office hours;
- position held;
- date of start of employment;
- current salary and salary changes;
- details of other benefits.
The Data Protection Act 1998 requires the firm to comply with the following eight principles. Data shall be:
- fairly and lawfully processed
- processed for limited purposes
- adequate, relevant and not excessive
- accurate
- not kept longer than necessary
- processed in accordance with the data subject’s rights
- secure
- not transferred to countries outside the EEA without adequate protection.
This Policy should be read in conjunction with the GDPR Policy.
Review Date: 19th August 2023