Data Protection Policy Statement
We are registered with the Information Commissioner’s Office and are committed to compliance with the general data projection regulations (GDPR and relevant UK registration). This notice explains how we use and share personal information which may be collected online, on paper or by email, telephone, or in person by different departments across CSW Group.
Our Data Protection Registration number is Z6484643
The CSW Group adheres to the principles of these regulations in respect of processing data as Controller for our business purposes and as Processor in terms of our legitimate business interests when fulfilling our contractual obligations.
As a registered data processor, CSW is committed to complying with data protection legislation and good practice including:
a. processing personal information only in order to meet our legitimate operational needs whilst fulfilling legal requirements
b. collecting only the minimum personal information required for these purposes and not processing excessive personal information;
c. supporting the data controller in their role in providing clear information to individuals about how their personal information will be used and by whom;
d. only processing relevant and adequate personal information;
e. processing personal information fairly and lawfully;
f. maintaining an inventory of the categories of personal information processed by CSW Group and establishing appropriate retention periods for this;
g. keeping personal information accurate and, where necessary, up to date;
h. retaining personal information only for as long as is necessary for legal or regulatory reasons or, for legitimate organisational purposes;
i. respecting individuals’ rights in relation to their personal information, including their right of subject access and overall ensuring that data subjects’ rights can be appropriately exercised
j. keeping all personal information secure;
k. only transferring personal information outside the EU in circumstances where it can be adequately protected;
l. developing, implementing and continually improving a IMS to enable this policy to be implemented;
m. providing data protection training for all staff and promoting good practice in data protection;
n. ensuring that staff handling personal data know where to find further guidance;
o. ensuring that queries about data protection, internal and external to the organisation, are dealt with effectively and promptly;
p. where appropriate, identifying internal and external stakeholders and the degree to which they are involved in the IMS; and ensuring that data processing/sharing agreements are applied to them and when processing/sharing data to them and other third parties;
q. the identification of workers with specific responsibility and accountability for the IMS;
r. ensuring that a nominated officer is responsible for data protection compliance and is the point of contact for all data protection issues;
s. that complaints and/or breaches of data security are dealt with in accordance with Information Commissioners Office (ICO) procedures.
If you have any questions about how CSW Group processes your information please contact our Data Protection Officer via email DataProtection@cswgroup.co.uk
The ICO (Information Commissioners Office) is the UK’s independent body set up to uphold information rights. Find out more about their work and the legislation they cover by visiting the website.
Click the panel below to visit the ICO website