Data Protection Policy

Introduction
JAG-PS Limited ("the Company") is committed to protecting the privacy and security of personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy outlines how we collect, process, store, and protect personal data to ensure compliance with legal obligations and safeguard the rights of individuals.

Scope
This policy applies to all employees, contractors, and third parties acting on behalf of JAG-PS Limited. It covers all personal data handled by the Company, whether stored electronically, on paper, or by other means.

Data Protection Principles
We adhere to the following principles when processing personal data:

  1. Lawfulness, Fairness, and Transparency: Data will be processed lawfully, fairly, and in a transparent manner.

  2. Purpose Limitation: Data will only be collected for specified, explicit, and legitimate purposes and not processed in a manner incompatible with those purposes.

  3. Data Minimisation: Only data that is relevant and necessary will be collected and processed.

  4. Accuracy: Personal data will be kept accurate and up to date.

  5. Storage Limitation: Data will not be kept longer than necessary.

  6. Integrity and Confidentiality: Data will be processed securely to protect against unauthorised or unlawful processing, accidental loss, destruction, or damage.

Data Collection and Use

  • Personal data is collected only for legitimate business purposes, such as managing client relationships, providing services, and complying with legal obligations.

  • Consent will be obtained where required, and individuals will be informed of how their data will be used.

Individual Rights
We respect and uphold the rights of individuals, including:

  • The right to be informed about how their data is used.

  • The right to access their data.

  • The right to correct inaccurate or incomplete data.

  • The right to request the deletion of their data.

  • The right to restrict or object to data processing.

  • The right to data portability.

Requests to exercise these rights should be made in writing to [insert contact details].

Data Sharing

  • Personal data will only be shared with third parties when necessary for business operations, with appropriate safeguards in place.

  • We ensure that all third parties comply with data protection laws.

Data Security

  • Access to personal data is restricted to authorised personnel only.

  • Secure systems and technologies are used to protect data against unauthorised access and breaches.

  • Regular reviews and audits are conducted to maintain compliance.

Data Retention

  • Personal data will be retained only as long as necessary for the purposes for which it was collected or as required by law.

  • A data retention schedule will guide the secure disposal of data no longer needed.

Breach Management

  • In the event of a data breach, we will take immediate action to contain and mitigate the risk.

  • Serious breaches will be reported to the Information Commissioner’s Office (ICO) within 72 hours, and affected individuals will be informed where necessary.

Training and Awareness
All employees and contractors are trained on data protection policies and procedures to ensure understanding and compliance.

Responsibility and Monitoring
The Company’s Data Protection Officer (DPO) is responsible for overseeing compliance with this policy. Regular reviews and updates will ensure the policy remains effective and up to date.

Contact Information
For questions or concerns about this policy or data protection practices, please contact:
Data Protection Officer
JAG-PS Limited
james@jag-ps.co.uk

Review
This policy will be reviewed annually or as required by changes in legislation or business operations.

Effective Date: 23/11/2023
Last Reviewed: 23/11/2024

JAG-PS Limited is committed to fostering trust by ensuring personal data is handled with care and transparency.