GDPR Statement

The General Data Protection Regulations (GDPR) (together with the new Data Protection Act (DPA) 2018) regulate MY use of your personal data.

This Compliance Statement summarises in general terms how I seek to comply with the GDPR.  For information about MY detailed practices, please refer to MY Privacy & Cookie Policy.

1. GDPR principles

• I will process all personal data fairly and lawfully

• I will only process personal data for specified and lawful purposes

• I will endeavour to hold relevant and accurate personal data, and where practical, I will keep it up to date

• I will not keep personal data for longer than is necessary

• I will keep all personal data secure

• I will endeavour to ensure that personal data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

2. GDPR compliance

Pursuant to the GDPR, I am both controller and processor of data for the purposes of your personal information.

I have the following measures in place to ensure GDPR compliance:

• I have made myself aware of the GDPR and restrictions and obligations within it as may be relevant to ME.  

3. GDPR actions

• I have a Privacy & Cookie Policy in place, which sets out MY data protection practices in detail

• I have assessed MY lawful bases for processing data to ensure all personal data is processed lawfully, fairly and transparently

• I will continue to look at ways of improving our systems and procedures to better comply with GDPR best practice

• I will continue to monitor our GDPR procedures and processes