{"id":307,"date":"2018-03-28T18:10:47","date_gmt":"2018-03-28T17:10:47","guid":{"rendered":"https:\/\/haywoodhomes.com\/?page_id=307"},"modified":"2018-03-28T18:10:47","modified_gmt":"2018-03-28T17:10:47","slug":"data-protection-policy","status":"publish","type":"page","link":"https:\/\/haywoodhomes.com\/data-protection-policy\/","title":{"rendered":"Data Protection Policy"},"content":{"rendered":"
This policy was prepared by\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Sumik Ventures Limited<\/p>\n
Policy came into effect\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 8th<\/sup> November 2017<\/p>\n Policy will next be reviewed on\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 31st<\/sup> December 2018<\/p>\n The Group needs to gather and use certain information about individuals.<\/p>\n These can include customers, suppliers, business contacts, employees and other people that the organisation has a relationship with or may need to contact.<\/p>\n This policy describes how this personal data must be collected, handled and stored to meet the company\u2019s data protection standards \u2013 and to comply with the law.<\/p>\n The Data Protection Act 1998 describes how organisations \u2013 including the Haywood Homes Group must collect, handle and store information, whether on paper or electronically.<\/p>\n Such information must be collected, used fairly, stored safely and not disclosed unlawfully.<\/p>\n There are 8 important principles which each organisation in the group is required to follow, these say that personal data must:<\/p>\n This policy applies to:<\/p>\n The Policy applies to all data that any organisation within the Haywood Homes Group holds relating to identifiable individuals including but not exclusively<\/p>\n <\/p>\n Everyone who works for or with the Haywood Group of Companies has some responsibility for ensuring data is collected, stored and handled appropriately in line with this policy.<\/p>\n Certain people within the organisation have key areas of responsibility:<\/p>\n These rules describe how and where data should be safely stored.<\/p>\n When data is stored on paper it should be kept in a secure place where unauthorised people cannot see it.<\/p>\n When no longer required paper documents should be shredded and disposed of securely.<\/p>\n When data is stored electronically it must be kept protected from unauthorised access, accidental deletion and malicious hacking attempts with the use of strong passwords that cannot be easily identified. Consideration should be given to the change of passwords on a regular basis.<\/p>\n Data should only be stored on designated drives and servers and if uploaded to a cloud backup service such service must be of an approved type with adequate data protection in place of their own.<\/p>\n All servers and computers should have installed and operational security software and firewalls.<\/p>\n When working with Personal data employees should ensure the screens of their computers cannot be accessed when left unattended.<\/p>\n One of the principal reasons for the Group sourcing personal data from customers is to provide information to their duly appointed estate agents to ensure the smooth progress of the sales process and to solicitors for the preparation of the legal documents associated with the sale.<\/p>\n The Group will also supply personal data to the providers of guarantees in respect of the property to be occupied by the person concerned for their benefit.<\/p>\n If sending personal data to an external contact such data should be in an encrypted form.<\/p>\n Data should never be sent outside of the EEA.<\/p>\n Employees should NOT save data to their personal devices, all data should only be held in a central location unless required for efficiency reasons at a remote location when such data will only be retained whilst a transaction is in progress.<\/p>\n The DPA requires that organisations take reasonable steps to ensure data is kept accurate and up to date in so far as is possible.<\/p>\n Data should be held in as few places as is possible, duplication of records should be kept to a minimum and only when absolutely essential for the efficient operation of the organisation.<\/p>\n All individuals are entitled to make a request to the Organisation to identify:<\/p>\nIntroduction<\/u><\/h3>\n
Data Protection Law<\/u><\/h3>\n
\n
Policy Scope<\/u><\/h3>\n
\n
\n
Responsibilities<\/u><\/h3>\n
\n
\n
\n
General Staff Guidelines<\/u><\/h3>\n
\n
Data Storage<\/u><\/h3>\n
Data Use<\/u><\/h3>\n
Data Accuracy<\/u><\/h3>\n
Subject Access Requests<\/u><\/h3>\n
\n