COWAN CONSULTANCY LTD PRIVACY AND DATA PROTECTION POLICY
Cowan Consultancy is fully committed to compliance with the requirements of the General Data Protection Regulations (GDPR)
Our Data Protection Policy outlines our commitment to protecting personal data and implementing its collection and use.
The policy explains how Cowan Consultancy will use and store any personal data that is collected or provided with by clients for legitimate business purposes which includes; administration of client accounts, to identify work being carried out and to identify and prevent fraud.
We will only collect information you supply to us which is restricted to; name, postal address, email address, telephone number and property details to enable Cowan Consultancy to provide services which have been requested, for the performance of a contract, to reply to an enquiry, respond to a request for a fee quotation, to update records or to comply with regulatory or government body requests.
We will not share or sell data for marketing purposes with third parties except where further specialist advice is required to deliver our services for which we will seek your permission.
If you contact us we will keep a record of email correspondence which will be stored securely on our email system but with the individual’s right to withdraw consent and such emails at any time by contacting firstname.lastname@example.org.
Archive material which contains personal data is stored in a secure unit. This is destroyed after 15 years to comply with Professional Indemnity Insurance requirements and UK legislation. Data which is no longer required is destroyed securely by shredding.
Under GDPR regulations Cowan Consultancy will collect and use personal data strictly for legitimate business processes. Personal data will be processed lawfully, fairly and in a transparent manner. The data will be limited to what is strictly necessary to carry out legitimate business and not be further processed.
Personal data that is inaccurate will be erased or rectified without delay.
- Individuals have the right to be informed
- Individuals have the right to access details of personal information held on our systems
- The right to request rectification if data is inaccurate
- The right to request erasure
- The right to restrict processing
- Data portability
- The right to object to processing
Minor data breaches will be reported internally to be investigated fully by Management and if appropriate our IT expert.
Major breaches where they are ‘likely to result in a risk to the rights and freedoms of individuals’ have to be reported within 72 hours of the breach.
This policy will be reviewed regularly and updates will be placed on our web page www.cowanconsult.co.uk.
Although we take appropriate measures to ensure data confidentiality, integrity and availability the use of the internet and our website is at the user’s risk.
Complaints related to the processing of personal data can be addressed to the Information Commissioner’s Office (ICO).