Data Protection Policy
In the course of business P&JCDS receives certain sensitive information about individuals.
P&JCDS complies fully with Data Protection Laws namely by:
- Processing data lawfully and fairly
- Not disclosing Data to third parties unlawfully
- Ensuring Data is adequate and relevant for purpose and not excessive.
- Ensuring data is accurate and kept up to date
- Ensuring Data Is protected adequately
- Ensuring data is not held for any longer than is necessary
- Ensuring Data is processed in accordance with rights of the data subject.
The Data Protection officer (DPO) is: Janice Lynn McGarvey
The DPO is also responsible for :
- Keeping all staff updated about Data Protection responsibilities.
- Reviewing all Data Protection procedures on a regular basis
- Training all new staff in line with Data Protection Laws
- Dealing with all Subject Access requests
- Ensuring all 3rd Parties that may necessarily through the course of business have access to P&J Data, sign a Confidentiality and Non- Disclosure Agreement.
- Ensuring all electronic data held on file is password protected.
- Ensuring all paper data when no longer required is shredded and a certificate of Destruction obtained.