GDPR Policy for Donnelly Safety Services Ltd
What is GDPR Policy?
1. Introduction
Donnelly Safety Services Ltd ("the Company") is committed to ensuring the privacy and protection of all personal data it processes. This policy outlines the Company's approach to handling personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and related data protection laws. The policy applies to all employees, contractors, and third parties engaged by the Company.
2. Company Overview
Company Name: Donnelly Safety Services Ltd
Company Type: Private Limited Company
Registered Office Address: 3rd Floor, Arnott House, 12-16 Bridge Street, Belfast, Northern Ireland. BT1 1LU
Coverage Area: United Kingdom and Ireland
Primary Services: Health and safety consultancy, including risk assessments, training, and advisory services.
3. Definitions
Personal Data: Any information that relates to an identified or identifiable individual.
Data Subject: The individual whose personal data is being processed.
Processing: Any operation performed on personal data, such as collection, storage, use, or disclosure.
4. Data Protection Principles
The Company adheres to the following principles when processing personal data:
Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner.
Purpose Limitation: Data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
Data Minimisation: Only data that is adequate, relevant, and necessary should be collected and processed.
Accuracy: Personal data must be accurate and kept up to date.
Storage Limitation: Data should not be kept for longer than necessary.
Integrity and Confidentiality: Personal data must be processed securely to prevent unauthorised access, loss, or damage.
5. Lawful Basis for Processing
The Company processes personal data based on one or more of the following legal grounds:
Consent from the data subject.
Performance of a contract.
Compliance with a legal obligation.
Protection of vital interests.
Legitimate interests pursued by the Company or a third party.
6. Data Subject Rights
The Company upholds the rights of data subjects, which include:
Right to Access: Individuals can request access to their personal data.
Right to Rectification: Correction of inaccurate or incomplete data.
Right to Erasure: Request for deletion of personal data (subject to legal exceptions).
Right to Restriction: Limiting processing under certain conditions.
Right to Data Portability: Receive personal data in a structured format and transfer it to another controller.
Right to Object: Object to data processing in certain circumstances.
7. Data Security Measures
The Company implements appropriate technical and organizational measures to ensure the security of personal data, including:
Encryption and pseudonymization where applicable.
Regular risk assessments.
Access controls and authentication procedures.
8. Data Breach Management
In the event of a data breach, the Company will:
Notify the Information Commissioner’s Office (ICO) within 72 hours if the breach poses a risk to data subjects’ rights and freedoms.
Inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
9. Contact Information
For any questions regarding this policy or data protection practices, contact:
Wayne Turner
Managing Director
Donnelly Safety Services Ltd
02890 992494
[email protected]
3rd Floor, Arnott House, 12-16 Bridge Street, Belfast, Northern Ireland. BT1 1LU
This policy will be reviewed regularly and updated as necessary to ensure ongoing compliance with UK GDPR and relevant data protection laws.
Donnelly Safety Services Ltd ("the Company") is committed to ensuring the privacy and protection of all personal data it processes. This policy outlines the Company's approach to handling personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and related data protection laws. The policy applies to all employees, contractors, and third parties engaged by the Company.
2. Company Overview
Company Name: Donnelly Safety Services Ltd
Company Type: Private Limited Company
Registered Office Address: 3rd Floor, Arnott House, 12-16 Bridge Street, Belfast, Northern Ireland. BT1 1LU
Coverage Area: United Kingdom and Ireland
Primary Services: Health and safety consultancy, including risk assessments, training, and advisory services.
3. Definitions
Personal Data: Any information that relates to an identified or identifiable individual.
Data Subject: The individual whose personal data is being processed.
Processing: Any operation performed on personal data, such as collection, storage, use, or disclosure.
4. Data Protection Principles
The Company adheres to the following principles when processing personal data:
Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner.
Purpose Limitation: Data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
Data Minimisation: Only data that is adequate, relevant, and necessary should be collected and processed.
Accuracy: Personal data must be accurate and kept up to date.
Storage Limitation: Data should not be kept for longer than necessary.
Integrity and Confidentiality: Personal data must be processed securely to prevent unauthorised access, loss, or damage.
5. Lawful Basis for Processing
The Company processes personal data based on one or more of the following legal grounds:
Consent from the data subject.
Performance of a contract.
Compliance with a legal obligation.
Protection of vital interests.
Legitimate interests pursued by the Company or a third party.
6. Data Subject Rights
The Company upholds the rights of data subjects, which include:
Right to Access: Individuals can request access to their personal data.
Right to Rectification: Correction of inaccurate or incomplete data.
Right to Erasure: Request for deletion of personal data (subject to legal exceptions).
Right to Restriction: Limiting processing under certain conditions.
Right to Data Portability: Receive personal data in a structured format and transfer it to another controller.
Right to Object: Object to data processing in certain circumstances.
7. Data Security Measures
The Company implements appropriate technical and organizational measures to ensure the security of personal data, including:
Encryption and pseudonymization where applicable.
Regular risk assessments.
Access controls and authentication procedures.
8. Data Breach Management
In the event of a data breach, the Company will:
Notify the Information Commissioner’s Office (ICO) within 72 hours if the breach poses a risk to data subjects’ rights and freedoms.
Inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
9. Contact Information
For any questions regarding this policy or data protection practices, contact:
Wayne Turner
Managing Director
Donnelly Safety Services Ltd
02890 992494
[email protected]
3rd Floor, Arnott House, 12-16 Bridge Street, Belfast, Northern Ireland. BT1 1LU
This policy will be reviewed regularly and updated as necessary to ensure ongoing compliance with UK GDPR and relevant data protection laws.
