.png)
1. Purpose
This policy outlines how HD Claimants collects, processes, stores, and protects personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Scope
This policy applies to all employees, contractors, and partners who handle or have access to personal data collected through our marketing services.
3. Data Collection and Use
-
We only collect data that is necessary for specific, legitimate purposes.
-
All individuals are informed of how their data will be used via clear privacy notices.
-
Data is not shared with third parties without a lawful basis.
4. Data Storage and Security
-
All personal data is stored on secure servers with encryption and access control.
-
Passwords are regularly updated and two-factor authentication is enabled where applicable.
-
Regular security audits are conducted to identify and address vulnerabilities.
5. Data Access and Retention
-
Only authorised personnel have access to personal data.
-
Data is retained only for as long as necessary for its original purpose or as required by law.
-
Data no longer needed is securely deleted or anonymised.
6. Data Breach Reporting
-
We have a breach response protocol in place.
-
Any suspected breach is reported immediately to our Data Protection Officer (DPO).
-
In the event of a significant breach, the ICO and affected individuals will be notified within 72 hours, as required by UK GDPR.
7. Individual Rights
We uphold the rights of data subjects, including:
-
Right to access
-
Right to rectification
-
Right to erasure
-
Right to object
-
Right to data portability
8. Contact
For any data protection queries or concerns, please contact:
Data Protection Officer
Email: info@hdclaimants.com
Subject: FAO Data Protetion Officer