We are committed to the principles inherent in the GDPR and particularly to the concepts of privacy by design, the right to be forgotten, consent and a risk-based approach. In addition, we aim to ensure:
transparency with regard to the use of data
that any processing is lawful, fair, transparent and necessary for a specific purpose
that data is accurate, kept up to date and removed when no longer necessary
that data is kept safely and securely.
We recognise that individuals have the right to access their personal data and supplementary information and will comply with the one month timeframe for responses set down in the GDPR. As a general rule, a copy of the requested information will be provided free of charge although we reserve the right to charge a "reasonable fee" when a request is manifestly unfounded or excessive, particularly if it is repetitive. If this proves necessary, the data subject will be informed of their right to contest our decision with the Information Commissioner's Office (ICO).
As set out in the GDPR, any fee will be notified in advance and will be based on the administrative cost of providing the information.
The privacy information notices for website visitors can be accessed here.
The privacy information notices for existing and former clients can be accessed here.
The GDPR provides for special protection for children’s personal data and we will comply with the requirement to obtain parental or guardian consent for any data processing activity involving anyone under the age of 16. Systems have been introduced to verify individuals’ ages.
Any questions related to GDPR or to issues concerning data protection generally should initially be addressed to firstname.lastname@example.org.