Data protection legislation came into force in May 2018, aiming to protect people’s privacy. The data protection laws applies to all public bodies, businesses and other organisations that process personal data. The legislation comprises the General Data Protection Regulation (GDPR) which came into force on 25 May 2018 and the new Data Protection Act (DPA) 2018 which came into force around the same time. This will provide a single regulation across the European Union (EU) and place obligations on organisations that operate outside of the EU but provide goods or services to EU citizens.
While Momentum isn’t based in the European Union, we understand the importance of privacy and choice when it comes to your personal data. Therefore, our Board of Directors and IT team are currently working towards GDPR compliance.
1. Our GDPR principles
- We will process all personal data fairly and lawfully.
- We will only process personal data for specified and lawful purposes.
- We will endeavour to hold relevant and accurate personal data, which is kept up to date as far as practically possible.
- We won’t keep personal data for longer than is necessary.
- We will keep all personal data secure.
- we will endeavour to ensure that personal data is not transferred without adequate safeguards in place.
2. GDPR compliance
We are continually reviewing and updating all our processes, procedures, data systems and documentation in order to ensure we remain GDPR compliant.
Momentum will be complying with the GDPR as a controller and processor of data and will implement the relevant policies and practices to ensure we protect any data we handle –
- Employees will be made aware of the GDPR and their obligations within it, with additional training sometimes being used.
- All new employees joining will receive awareness training as part of our induction program.
3. Contact us
Should you require any further information about our GDPR plans and preparation, please feel free to contact us at email@example.com with the subject ‘GDPR Compliance’.