Data Protection Act Statement
“This is a statement outlining how JAVO CONSULTANCY LTD will meet its obligations under the Data Protection Act 1998 (“the Act”). The statement is subject to regular review to reflect changes to legislation, to the structure or policies of JAVO CONSULTANCY LTD”.
“The statement is made available to all staff who are expected to apply it. JAVO CONSULTANCY LTD will need to collect and use certain types of information about people with whom it deals in order to operate. This will also include any information necessary for the purposes for delivering the services including suppliers and others stakeholders. JAVO CONSULTANCY LTD will regard the lawful and correct use of personal information in the achievement of our objectives. Additionally, this will also contribute to the success of our operations, to maintain absolute confidence between those whom we deal with and ourselves. We therefore aim to ensure that our company will treat personal information lawfully and correctly. To this end, we fully endorse and adhere to the principles of data protection”.
“The eight principles under that Act require that personal information must be:
- processed fairly and lawfully and, in particular, must not be processed unless specific conditions are met.
- obtained only for one or more specified lawful purposes.
- not further processed in any manner incompatible with that purpose or those purposes.
- adequate, relevant and not excessive in relation to the purpose or purposes for which it is processed.
- accurate and wherever necessary, kept up-to-date.
- not kept for longer than is necessary for the specified purpose(s).
- processed in accordance with the rights of data subjects under the Act.
- should be subject to appropriate technical and organisational measures to prevent the unauthorized or unlawful processing of personal data, the accidental loss, destruction or damage to personal data.
- not transferred to a country or territory outside the European Economic Area (EEA). Apart of that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data”.
“In light of these obligations, JAVO CONSULTANCY LTD through appropriate management and controls will:
Firstly, Observe the conditions regarding the fair collection and use of personal information; Meet our legal obligations to specify the purpose(s) for which the personal information is to be used; Collect and process personal information only to the extent that it is needed to fulfil our operational needs or to comply with any legal requirements; Ensure that 1) the quality of the personal information is used; 2) personal information is held for no longer than necessary; 3) the rights of people about whom the information is held can be exercised under the Act. For instance, the right to access one’s personal information, to prevent processing in certain circumstances and to correct, rectify, block or erase information where it is wrong. Take appropriate technical and organisational measures to safeguard personal information; finally, ensure that personal information is not transferred outside the EEA without appropriate safeguards being in place”.
“In order to achieve compliance with the Act and its principles, JAVO CONSULTANCY LTD has created and implemented various internal policies and procedures. These are available to all staff outlining individual and organisational data protection responsibilities”. Last reviewed in February 2017.
FSCS (2017), Data Protection Statement, https://www.fscs.org.uk/data-protection-statement/, (accessed 13th February 2017).