Data Protection Policy

Introduction

In the course of business P&JCDS receives certain sensitive  information about individuals.

 P&JCDS complies fully with Data Protection Laws namely by:

1. Processing data lawfully and fairly
2. Not disclosing Data to third parties unlawfully
3. Ensuring Data is adequate and relevant for purpose and not excessive.
4. Ensuring data is accurate and kept up to date
5. Ensuring Data Is protected adequately
6. Ensuring data is not held for any longer than is necessary
7. Ensuring Data is processed in accordance with rights of the data subject.

The Data Protection officer (DPO) is: Janice Lynn McGarvey

The DPO is also responsible for :

1. Keeping all staff updated about Data Protection responsibilities.
2. Reviewing all Data Protection procedures on a regular basis
3. Training all new staff in line with Data Protection Laws
4. Dealing with all Subject Access requests
5. Ensuring all 3^rd Parties that may necessarily through the course of business have access to P&J Data, sign a Confidentiality and Non- Disclosure Agreement.
6. Ensuring all electronic data held on file is password protected.
7. Ensuring all paper data when no longer required is shredded and a certificate of Destruction obtained.

Version 4