Data Protection Policy
SDK is committed to protecting the rights of individuals’ privacy with regard to the processing of personal data and SDK’s Data Protection Policy has been drafted to support that commitment.
SDK has appointed a Data Protection Officer to develop, implement and maintain the Data Protection Policy and ensure that SDK acts in accordance with the Data Protection Act (the “Act”) and specifically the Eight Principles.
In complying with the Eight Principles of the Act, SDK will ensure that personal data shall:
- be obtained and processed fairly and lawfully and not be processed unless certain conditions are met;
- be obtained for a specific and lawful purpose and not be processed in any manner which is incompatible with that purpose;
- be adequate, relevant and not excessive for that purpose;
- be accurate and kept up to date where necessary;
- not kept for longer than is necessary for that purpose;
- be processed in accordance with the data subject’s rights;
- be kept secure and safe from unauthorised access, accidental loss, damage or destruction;
- not be transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data.
The Data Protection Policy will apply to all staff who will be trained and are expected to deal with personal and sensitive personal data in accordance with the policy and procedures at SDK.
SDK will apply appropriate procedures for ensuring compliance when processing, handling and storing data as a Data Processor for another organisation.
General Data Protection Regulation