Last Updated: 25/9/23
Introduction:
Beaconrisk, accessible at https://www.beaconrisk.co.uk/, values the privacy and data security of our clients, employees, and partners. This document outlines our commitment to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679, which sets forth the data protection principles and rights of individuals within the European Economic Area (EEA).
1. Data Protection Principles:
We adhere to the principles relating to the processing of personal data as set out in the GDPR, which require personal data to be:
Processed lawfully, fairly, and transparently.
Collected only for specified, explicit, and legitimate purposes.
Adequate, relevant, and limited to what is necessary.
Accurate and kept up to date.
Held securely.
Retained only for as long as necessary.
2. Lawful Basis for Processing:
We ensure that we have a lawful basis for processing personal data, such as consent, contractual necessity, legal obligation, legitimate interests, or any other basis permitted by the GDPR.
3. Data Subject Rights:
We respect and facilitate the exercise of the data subject rights granted by the GDPR, including the right to:
Access: Individuals can request access to their personal data.
Rectification: Individuals can request correction of inaccurate or incomplete data.
Erasure: Individuals can request the deletion of their data under certain conditions.
Restriction:
Portability: Individuals can request a copy of their data in a structured, commonly used, and machine-readable format.
Objection: Individuals can object to the processing of their data for specific purposes.
Withdraw Consent: Where processing is based on consent, individuals have the right to withdraw consent at any time.
4. Data Security:
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and secure transfer methods.
5. Data Breach Notification:
In the event of a data breach that is likely to result in a high risk to the rights and freedoms of individuals, we will notify the affected data subjects and the relevant supervisory authority in accordance with GDPR requirements.
6. Data Transfers:
We ensure that any transfer of personal data outside the EEA is done with the appropriate safeguards in place, as required by the GDPR.
7. Training and Awareness:
We provide training and foster awareness among our employees regarding GDPR and data protection best practices to ensure compliance.
8. Updates and Review:
We regularly review and update our data protection policies and procedures to maintain compliance with the GDPR.
9. Contact Information:
For any questions, clarifications, or requests regarding our GDPR compliance, please contact us.