Deck Joint Ltd needs to gather and use certain information about individuals.
These can include customers/ suppliers/ business contacts, employees and other people the organisation has a relationship with or may need to
This policy describes how the personal data must be collated, handled and stored to meet the governments data protection standards, and to
comply with the law.
Why this policy exists
This data protection policy ensures Deck Joint Ltd:
Data Protection Law
The Data Protection Act 1998 describes how organisations including Deck Joint Ltd must collate, handle and store personal information.
These rules apply regardless of whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collated and used fairly, stored safely and not disclosed unlawfully.
The Data Protection Act is underpinned by eight important principles. These say that personal data must:
1. Be processed fairly and lawfully.
2. Be obtained only for specific, lawful purposes.
3. Be adequate, relevant and not excessive.
4. Be accurate and kept up to date
5. Not to be held for longer than necessary.
6. Processed in accordance with the rights of data subject.
7. Be protected in appropriate ways.
8. Not be transferred outside the European Economic Area (EEA) unless that country or territory also ensures an adequate level of
People, Risks and Responsibilities.
This policy applies to all staff, customers and suppliers.
It applies to all data that the company hold relating to identifiable individuals.
Data Protection Risks
This policy helps to protect Deck Joint Ltd from some very real data security risks including:
Everyone who works for Deck Joint Ltd has some responsibility for ensuring data is collected, stored and handled appropriately.
Persons that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles such as:
General Staff Guidelines
When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it.
When not required, the paper or files should be kept in a lock drawer or filing cabinet.
When data is stored electronically, it must be protected from unauthorised access. data should be backed up frequently
All servers and computers containing data should be protected by approved security software and a firewall.
Personal data is of no value to Deck Joint Ltd unless the business can make use of it.
The law requires Deck Joint Ltd to take reasonable steps to ensure data is kept accurate and up to date.
Deck Joint Ltd aims to ensure that individuals are aware that their data is being processed, and that they understand how the data is being used
and how to exercise their rights.