Eddisonfields Privacy Policy
Eddisonfields recognises the significance of data protection. The purpose of this policy is to protect all personal information controlled or processed by the organisation and ensure an adequate level of awareness to ensure data protection principles are applied across all areas of operation within Eddisonfields. Personal data is identified and managed in accordance with the data protection risk assessment methodology that endorses the acceptable risk levels. Our Data Protection Policy is achieved by a stringent set of controls, including policies, processes, procedures and software and hardware functions. These controls are monitored, reviewed and improved by the Board to ensure that specific data protection, security and business objectives are met. This is operated in conjunction with other business management processes, and incorporates the applicable statutory, regulatory and contractual requirements. In particular, Eddisonfields is committed to compliance with data protection requirements and good practice to include:
- Processing personal information only where this is strictly necessary for legal and regulatory purposes, or for legitimate organisational purposes
- Processing only the minimum personal information required for these purposes
- Providing clear information to natural persons (including children) about how their personal information can be used and by whom
- Only processing relevant and adequate personal information
- Processing personal information fairly and lawfully
- Maintaining a documented inventory of the categories of personal information processed by the organisation
- Keeping personal information accurate and, where necessary, up-to-date
- Retaining personal information only for as long as is necessary for legal or regulatory reasons or for legitimate organisational purposes and ensuring timely and appropriate disposal
- Respecting natural persons' rights in relation to their personal information
- Keeping all personal information secure
- Only transferring personal information outside Luxembourg in circumstances where it can be adequately protected
- Developing and implementing our database system to enable the data protection policy to be implemented
- Where appropriate, identifying internal and external interested parties and the degree to which they are involved in the governance of the organisation's database
- Identify workers with specific responsibility and accountability for the database
- Maintain records of processing of personal information
- Privacy notice against data obtained from 3rd party
- Retention policy
- Withdraw/consent forms
- Data protection procedure
Eddisonfields Privacy Policy
Eddisonfields recognises the significance of data protection. The purpose of this policy is to protect all personal information controlled or processed by the organisation and ensure an adequate level of awareness to ensure data protection principles are applied across all areas of operation within Eddisonfields. Personal data is identified and managed in accordance with the data protection risk assessment methodology that endorses the acceptable risk levels. Our Data Protection Policy is achieved by a stringent set of controls, including policies, processes, procedures and software and hardware functions. These controls are monitored, reviewed and improved by the Board to ensure that specific data protection, security and business objectives are met. This is operated in conjunction with other business management processes, and incorporates the applicable statutory, regulatory and contractual requirements. In particular, Eddisonfields is committed to compliance with data protection requirements and good practice to include:
- Processing personal information only where this is strictly necessary for legal and regulatory purposes, or for legitimate organisational purposes
- Processing only the minimum personal information required for these purposes
- Providing clear information to natural persons (including children) about how their personal information can be used and by whom
- Only processing relevant and adequate personal information
- Processing personal information fairly and lawfully
- Maintaining a documented inventory of the categories of personal information processed by the organisation
- Keeping personal information accurate and, where necessary, up-to-date
- Retaining personal information only for as long as is necessary for legal or regulatory reasons or for legitimate organisational purposes and ensuring timely and appropriate disposal
- Respecting natural persons' rights in relation to their personal information
- Keeping all personal information secure
- Only transferring personal information outside Luxembourg in circumstances where it can be adequately protected
- Developing and implementing our database system to enable the data protection policy to be implemented
- Where appropriate, identifying internal and external interested parties and the degree to which they are involved in the governance of the organisation's database
- Identify workers with specific responsibility and accountability for the database
- Maintain records of processing of personal information
- Privacy notice against data obtained from 3rd party
- Retention policy
- Withdraw/consent forms
- Data protection procedure
© Eddisonfields 2024
+44 (0) 203 292 0070 info@eddisonfields.com
+44 (0) 203 292 0070 info@eddisonfields.com
© Eddisonfields 2024