Agency Express Limited needs to gather and use certain information about individuals.
These can include customers, suppliers, business contacts, employees and other people the company has a relationship with or may need to contact.
The company recognises The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) adopted 27th April 2016, the two-year transition period and the application date of 25th May 2018.
Why the policy exists
Through the implementation of our Data Protection policy Agency Express Limited;
- Complies with data protection law and follows best practice
- Protects the rights of customers, any individual that has dealings with the company and our staff
- Is open about how it stores and processes individuals data
- Protects itself from the risks of a data breach
Data Protection Law
The Data Protection Act 1998 and The General Data Protection Regulation (GDPR) describe how organisations, such as Agency Express Limited, must collect, handle and store personal information.
The rules apply regardless of how the data is stored i.e. electronically, on paper or in any other way.
To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
Agency Express Limited shall comply with the Data Protection Principles (the Principles) to ensure all data is;
- Fairly and lawfully processed
- Processed for a specific and lawful purpose
- Adequate, relevant and not excessive
- Accurate and up to date
- Not held for longer than necessary
- Processed in accordance with the rights of data subjects
- Protected in appropriate ways
- Not transferred outside the European Economic Area (EEA) unless that country also ensures an adequate level of data protection