RJA Consultants welcomes the General Data Protection Regulation (GDPR) and the requirements for greater transparency by businesses about the use of personal data.
GDPR became effective from 25th May 2018 and aims to standardise data protection laws and data processing to give individuals the right to view and control their personal information that is held by companies and organisations.
RJA are committed to ensuring the security and protection of the information that we hold, and we will never disclose, share or sell personal data, unless required to do so by law.
RJA takes the privacy and security of individuals and their personal information seriously and we take reasonable measures and precaution to protect and secure the data that we process.
RJA use personal information solely to meet our legal, statutory and contractual obligations and in the course of providing our services. We may occasionally email, call or write to the contacts on our data-base in relation to the carrying out or marketing of our services or to advise of an event we are hosting or a charity event we are arranging.
To ensure we are compliant with GDPR we will:
- Ensure all staff are aware and compliant with the new Regulation
- Review information held and delete old and obsolete information
- Have procedures in place to investigate any breaches of security
- Undertake an information audit
- Only retain personal information for as long as necessary in our line of work
- Remove from our data base the information of anyone who makes an application ‘to be forgotten’ in accordance with Article 17 of GDPR