Data Protection Policy
Eyears’s Data Protection Corporate Policy
The Data Protection Act 1998
Companies processing personal data are required to abide by the eight principles of the Data Protection Act 1998 (“DPA”), which require that data is:
- Fairly and lawfully processed
- Processed for limited purposes
- Adequate, relevant and not excessive
- Not kept longer than necessary
- Processed in accordance with the data subjects rights
- Kept securely
- Not transferred to countries outside the European Economic Area without adequate protection.
Personal data means data, which relates to a living individual who can be identified from the data or from the data together with other information, which is in the possession of, or is likely to come into possession of [Eyears]. Data may only be processed with the consent of the person whose data is held. The definition of “processed” is obtaining, using, holding, amending, disclosing, destroying and deleting personal data. This includes both hard and soft copy data.
The objective of this policy is to ensure that all external stakeholders and staff members are aware of Eyears’s policy with regard to processing personal data, and that employees are fully aware of the requirements and obligations required of them and [Eyears] by the DPA.
[Eyears] is required to keep certain information regarding its employees to enable it to carry out its day to day operations, and to comply with its legal obligations.
[Eyears] is committed to ensuring that all personal data is processed in line with the DPA. To comply with the principles of the DPA, as outlined above, personal information will be collected and used fairly, stored safely and not disclosed to any other person or organisation unlawfully.
[Eyears] has registered with the Information Commissioners Office and has appointed a Data Controller [Martin Bove, Director] who is responsible for ensuring the provision of suitable DPA advisory, training and awareness, DPA request handling, and compliance with the [Eyears’s] obligations under the DPA.
It is the responsibility of all employees to ensure that they understand their obligations under the DPA, and to inform the Data Controller if they do not; and all data processed is done so in line with this policy.
All data subjects have the right to access the information held about them, ensure that it is correct and fairly held, and to complain to the Data Controller if they are dissatisfied. All requests to access personal data will be handled in accordance with the DPA.
Data subjects include all staff and any other person about whom [Eyears] processes personal data.
[Eyears] may not always seek the consent of data subjects when processing personal data, for example, when processing for normal business purposes or when the information is already in the public domain.
Everyone who provides personal data to [Eyears] is responsible for ensuring adherence to the DPA, especially with regard to accuracy and, in the case of third parties providing the personal data of others, the right to disclose this personal data.
[Eyears] will review this policy on a regular basis to ensure its relevance and effectiveness.
If an employee is found to have deliberately acted in contravention of this policy, s/he will be subject to the Eyears’s disciplinary policy, and such behaviour could lead to disciplinary action.
Any queries regarding this policy should be raised in the first instance with the Data Controller [Martin Bove, Director].
At Eyears you can place your advertisement for Childcare or Education vacancies on our website completely free of charge. The vacancy becomes fully live within minutes of you placing it...