PLANIT SCOTLAND | Data protection policy
Planit Scotland is committed to ensuring that the processing of personal data is only undertaken in the legitimate operation of our company’s business.
Planit Scotland collects and uses information (data) about our clients, their customers and bodies that our team have contact with, and aims to follow the 8 principles outlined within the Data Protection Act 1998. We will not sell your data to any 3rd party for marketing purposes.
Principles of the Data Protection Act 1998
Personal information must:
be fairly and lawfully processed
be processed for limited purposes
be adequate, relevant and not excessive
be accurate and up to date
not be kept for longer than is necessary
be processed in line with the date subjects’ rights
not be transferred to other countries without adequate protection
This policy applies to all staff, volunteers and other people working on behalf of Planit Scotland.
It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of the Data Protection Act 1998. This can include:
Names of individuals
Plus any other information relating to individuals
Data Protection Risks
This policy helps to protect Planit Scotland from some very real data security risks including:
Breaches of confidentiality. For instance, information being given out inappropriately.
Failing to offer choice. For instance, all individuals should be free to choose how the company uses data relating to them.
Everyone who works for or with Planit Scotland has some responsibility for ensuring data is collected, stored and handled appropriately. Each team member that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles.
General Planit Scotland Staff Details
The only people able to access data covered by this policy should be those who need it for their work.
Data should not be shared informally.
Planit Scotland will ensure all employees understand their responsibilities when handling data.
Employees should keep all data secure, by taking sensible steps and following the guidelines below.
Strong passwords must be used.
Personal data should not be disclosed to unauthorized people, either within the company or externally.
Data should be regularly reviewed and updated if it is found to be out of date. If it is no longer required, it should be deleted and disposed of.
Personal Data is of no value to Planit Scotland unless the business can make use of it. However, it is when personal data is accessed and used that it can be at the greatest risk of loss, corruption or theft therefore:
When working with personal data, employees should ensure their computers are always locked when left unattended.
Personal data should not be shared informally
Data must be encrypted before being transferred electronically
Personal data should never be transferred outside the European Economic Area
The law requires Planit Scotland to take reasonable steps to ensure data is kept up to date and accurate.
Data will be held in as few places as necessary
Staff should take every opportunity to ensure data is updated
Planit Scotland will make it easy for data subjects to update the information that Planit Scotland holds about them.
Data will be updated as inaccuracies are discovered.
Cookies and website visitor tracking
When using this website, you have the choice to agree to or decline cookies. Cookies are small files installed on your browser device that allow websites like this, and many others, to find out more about your browsing behaviour. For Planit Scotland, the purpose of using cookies is to better understand visitor demographics to this site so that improvements can be made, as well as informing marketing and sales strategies in the future.
This website makes use of several cookies, most notably ones relating to Google Analytics and Facebook Pixel. Planit Scotland also make use of WordFence that enables me to defend against malicious attacks, which uses a cookie to understand whether you are a genuine user or a robot.
The lawful basis for the use of these cookies is your given consent.
Subject Access Requests
All individuals who are the subject of personal data held by Planit Scotland are entitled to:
Ask what information the company holds about them and why
Ask how to gain access to it
Be informed how to keep it up to date
Be informed how the company is meeting its data protection obligations
Disclosing data for other reasons
In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, Planit Scotland will disclose requested data.