GDPR PRIVACY POLICY

What Is GDPR

General Data Protection Regulation ((EU) 2016/679) is the European legislation, which came into effect on 25th May 2018.

GDPR replaced the UK Data Protection Act and it provides additional legal rights for individuals against organisation who process their personal data.

Who are we  and How to contact us

I am Rashpal Kaur and can be contacted using the following details E mail Rashpal.teraa13@gmail.com

I am committed to ensuring that your personnel data is processed in accordance with this policy so please read it carefully, and let me know if you have any queries.

How I Will Process Your Personal Data

1.   Lawfully, Fairly and Transparently

   I am processing your data because you have provided consent by agreeing to this policy or to meet our legal requirements in running my business.

   You can withdraw your consent at any time by contacting me using the details above.

2.   Why I Am Holding Your Data

   I will only process your personal data for the following purposes;

   •  to enable me to provide you the services

3.   What Data Will I Be Holding

   I will only hold sufficient personal data to enable me to undertake the purposes set out in clause 2 above, including but not limited to name, contact details, and consultation notes. If you believe the personal data I am holding is excessive then please contact me.

4.   Is All The Personal Data I Hold Relevant

   I shall only hold the amount of data necessary to provide you the services. If you feel that any Personal Data I request is excessive or not required then please contact me.

5.   Keeping Your Personal Data Accurate

   You are responsible for ensuring that all personal data provided by you is accurate, and advise me as soon as possible of any amendments required.
   I may request that you confirm the accuracy of your personal data, which you are required to respond to within 14 days

   Failure to provide or keep your personal data up to date may result in me ceasing to provide the services to you.

6.   Storing And Deleting Your Personal Data

   All personal data will be held on my laptop, ipad and the data is only available to us or as set out in this policy. All data is backed up to the cloud.
   I shall store your personal data for the duration of the services I provide you with (including any renewal or extension periods) plus 7 years.
   If you wish your personal data to be deleted prior to the timescales above, you should contact me and I will action such request within 7 working days.

7. Protecting Your Personal Data

I am undertaking all reasonable security measures including but not limited to password protecting all PC’s which personal data is held on, and ensuring that all hardware has relevant and up to data security and anti-virus software enabled.

What To Do If You Believe There Is A Personal Data Breach

If you suspect there has been a potential or actual breach of your personal data then you should contact me as soon as possible detailing the nature of the breach (notice of Breach).
I will acknowledge your Notice of Breach within 5 working days and investigate the breach within an additional 7 working days.

If through the investigation I determine that there has been a personal data breach, then I will take all necessary action in order to rectify the situation and minimise any potential or actual damage caused through such a personal data breach.
I will communicate with you regarding the action being taken.
I will comply with any guidelines issued by the Information Commissioners Office (ICO) in relation to Personal Data Breach’s, including notifying the ICO when required to do so.

Sharing Your Personal Data

I shall not transfer or share your personal data with any 3rd parties except as follows;

• My accountant.

Changes To This Policy

I reserve the right to amend this policy at any time.