PROPFIN LTD. Data Protection Policy

Similar documents
DATA PROTECTION POLICY

KCSP Data Protection Policy

Southern Golden Retriever Rescue Data Protection Policy

Man and Machine - Data Protection Policy

Mobius Life Limited Data Privacy Notice

DATA PROTECTION POLICY. Little Baddow Parochial Church Council

Data Protection Cayman Islands

GLOBAL DATA PROTECTION POLICY URUP

Fitzwilliam College Data Protection Policy

Data Protection: Fair processing of student personal information Contents

Data Protection Act Policy

Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018

ASTRAZENECA GLOBAL POLICY DATA PRIVACY

Data Processing Addendum

Data Protection Policy. Newbury Academy Trust

ERGO Versicherung AG UK Branch Data Privacy Notice

London Borough of Redbridge

All Sorts UK Limited Data Protection Policy 17 th May 2018

Document Title. Date coming into force: Review Date: Edition No:

This information, or "personal data" as it is often referred to, must be processed according to the principles contained within the Regulation.

Data Transfer Policy Version 1.1 Last amended: 18 September 2014 Policy Owner: Governance Team

Firm Registration Form

The New EU General Data Protection Regulation (GDPR)

INTERNATIONAL SOS. Data Protection Policy. Version 1.8

LOCAL GOVERNMENT ASSOCIATION TEMPLATE MEMORANDUM OF UNDERSTANDING FOR LGPS FUNDS

1.1. This policy lays out how Glebe Primary School will comply with its responsibilities under the Data Protection Act 1998.

DATA PROCESSING AGREEMENT

IRIS Group of Companies Customer Data Processing Terms

PRIVACY NOTICE Use of Information Data Controller and Data Processor

Welcome To Your Data Protection Journey. Paula Tighe Information Governance Executive

Protection of Personal Information (POPI) Policy. Sigma SA (Pty) Ltd FSP: 45643

Data Protection Policy

Privacy Statement for Intermediaries

The following guidelines have been developed to assist all staff with the adherence to the Privacy & Data Protection Act (Vic) 2014 (the PDP Act ).

Hillgate Travel GDPR Response. Privacy Policy

DATA PROCESSING ANNEX

Guide to compliance with the Australian Privacy Principles. APP 1 Open and transparent management of personal information

North Yorkshire Pension Fund

Data Processing Addendum

Member Circular March Implementation of the EU General Data Protection Regulation 2016/679 General Guidance to Members

Privacy. Policy. Purpose. Coverage. Policy. Code and version control:

Moxtra, Inc. DATA PROCESSING ADDENDUM

DATA HANDLING AGREEMENT

THE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL

ON24 DATA PROCESSING ADDENDUM

EU Data Processing Addendum

SCCCI Personal Data Protection Policy

Lexus Asset Protector (GAP Insurance)

* Unless otherwise indicated, this policy will still apply beyond the review date.

RBI GDPR DATA PROCESSING ADDENDUM

ERGO Versicherung AG UK Branch Data Privacy Notice

European Union General Data Protection Regulation

DATA HANDLING AGREEMENT

ADMIRAL MARKETS AS PRIVACY POLICY

NA Data Privacy Policy

TERMS AND CONDITIONS FOR THE SUPPLY OF GOODS AND/OR SERVICES TO THE UNIVERSITY OF READING

Data Processing Appendix

PRIVACY POLICY OF BPO INSOLVENCY LIMITED (COMPANY REGISTRATION NO ) REGISTERED OFFICE 37 WALTER ROAD SWANSEA SA1 5NW

Example letter of engagement for audit assignment for an incorporated company Period of engagement Scope of services to be provided

The Controller and Processor Data Protection Binding Corporate Rules of BMC Software

FODO BUSINESS MEMBERSHIP APPLICATION 2017

INSURANCE: NEW CONDUCT OF BUSINESS SOURCEBOOK INSTRUMENT 2007

ABBOTT DIABETES CARE Effective Date: February 4, 2018

DATA PROCESSING ADENDUM

WHO IS RESPONSIBLE FOR LOOKING AFTER YOUR PERSONAL DATA?

SUMMARY OF BINDING CORPORATE RULES

DATA PROTECTION AND PERSONAL INFORMATION FAIR PROCESSING POLICY

DATA PROCESSING AGREEMENT

DATA PROCESSING ADDENDUM

DATA PROCESSING ADDENDUM

Depending on the circumstances and the stage of your membership, we may hold some or all of the following information about you:

Broadbean Technology Limited - Data Processing Agreement (25th May 2018)

YMCA SOUTH AUSTRALIA Privacy Policy

Twilio Data Protection Addendum ( DPA ) (GDPR, Binding Corporate Rules, Privacy Shield, and Standard Contractual Clauses) (Revision June 2018)

CLIENT DATA PROCESSING AGREEMENT

Pension Trustees. Final Countdown to the GDPR

Insurance: Conduct of Business

UNIT TRUST. Application Form

Financial Services Authority

SCHEDULE 20 PRIVACY PROTECTION TABLE OF CONTENTS 1. PURPOSE ACCURACY REQUESTS FOR ACCESS CORRECTION PROTECTION...

BINDING CORPORATE RULES

DATA PROTECTION ADDENDUM

Firm Registration Form - Equity Release and Mortgage products

Data Protection Privacy Notice for people not directly involved in the accident

PROTECTION OF PERSONAL INFORMATION POLICY (PoPI)

Privacy Policy. This privacy policy shall be valid even if you have reserved your transfers through the other sales partners of Plus Group Kft.

Property Owners Submission Form

Recordkeeping for Business Activities Carried out by Contractors RECORDKEEPING GUIDE G17 DATE ISSUED: JUNE 2009

AUSTRALIAN FINANCIAL SERVICES LICENSEE PRIVACY STATEMENT VERSION 3.0.0

Data Processing Agreement and Privacy Policy (EU) Classification: PUBLIC March 2018

PERSONAL DATA PROCESSOR AGREEMENT

HOW TO EXECUTE THIS DPA:

Protection Declaration Form

Vanguard Group (Ireland) Limited Vanguard Funds plc Vanguard Investment Series plc Privacy policy. May 2018

Privacy Notice. 1. Who we are and our approach to your privacy

Appropriate Policy Document

GDPR Data Processing Addendum

LOCAL GOVERNMENT PENSION SCHEME. Memorandum of Understanding regarding Compliance with Data Protection Law. Introduction

Privacy Policy. HDI Global SE - UK

Firefighters Pension Scheme

Transcription:

PROPFIN LTD Data Protection Policy Copyright 2017 PropFin. PropFin is a registered trademark of Propfin Ltd and is protected by law 1

1. Introduction The Company is committed to compliance with the requirements of the Data Protection Act 1998 ( the Act ), which came into force on the 1st March 2000. We will follow procedures that aim to ensure that all employees, contractors, agents, consultants, partners or other servants of the Company who have access to any personal data held by or on behalf of the Company, are fully aware of and abide by their duties and responsibilities under the Act. 2. Definition Data Protection is the set of measures and procedures an organisation undertakes to maintain the confidentiality and appropriate use of the data that it collects about its customers and employees during the course of its business. 3. Purpose The Act has two principal purposes: to regulate the use by those (known as data controllers) who obtain, hold and process personal data on living individuals, of those personal data; and to provide certain rights (for example, of accessing personal information) to those living individuals (known as data subjects) whose data is held. The cornerstones of the Act are the eight data protection principles, set out in detail in Section 5, in summary prescribe: guidelines on the information life-cycle (creation/acquisition; holding; processing; querying, amending, editing; disclosure or transfer to third parties; and destruction ('the life-cycle'); the purpose for which data are gathered and held; and enshrine rights for data subjects. The Act applies to PropFin, the Data Controller for the purposes of the Act and to anyone who holds personal information in a structured way so that retrieval is easy. PropFin is committed to abiding, not only by the letter, but also by the spirit of the Act, and is committed to the observation, wherever possible, of the highest standard of conduct mandated by the Act. This Policy has set out the standards expected by PropFin in relation to processing of personal data and safeguarding individuals' rights and freedoms. 4. Responsibilities Employees of PropFin are expected to: acquaint themselves with, and abide by, the Data Protection Principles; Copyright 2017 PropFin. PropFin is a registered trademark of Propfin Ltd and is protected by law 2

read and understand this Policy document; understand how to conform to the standard expected at any stage in the life-cycle; understand how to conform to the standard expected in relation to safeguarding data subjects' rights (e.g. the right to inspect personal data) under the Act; understand what is meant by 'sensitive personal data', and know how to handle such data; and contact the Data Protection Officer if in any doubt, and not to jeopardise an individual s rights or risk a contravention of the Act. 5. Principles The Data Protection Principles, in summary, are: Personal data shall be processed fairly and lawfully; Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes; Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed; Personal data shall be accurate and, where necessary, kept up to date; Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes; Personal data shall be processed in accordance with the rights of data subjects under the Act; Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data; and Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. 6. Guidelines As PropFin obtains personal data as part of its business processes it must comply with guidelines issued from time to time by the Data Protection Officer and it will notify the data subject (e.g. Borrowers, Employees, etc) the purpose(s) for which they are gathering the data, obtain their explicit consent, and inform them that PropFin will be the data controller for the purposes of the Act and the identities of any other persons to Copyright 2017 PropFin. PropFin is a registered trademark of Propfin Ltd and is protected by law 3

whom the data may be disclosed. If sensitive personal data are being collected, explicit consent is not only best practice, it is mandatory. No more data should be collected than is necessary for the purpose(s) declared. Data should not be held for longer than is necessary. PropFin s records management policies should be consulted for guidance on what is necessary for each kind of data. Personal data should be reviewed periodically to check that they are accurate and up to date and to determine whether retention is still necessary. Adequate measures should be taken to safeguard data to prevent loss, destruction or unauthorised disclosure. The more sensitive the data, the greater the measures that need to be taken. In the context of PropFin, 'processing' is used in the narrow sense of editing, amending or querying data. In the context of the Act, 'processing' is very widely defined to include acquisition, passive holding, disclosure and deletion. Personal data must not be processed except for the purpose(s) for which they were obtained or for a similar, analogous purpose. If the new purpose is very different, the data subject's consent must be obtained. 7. Disclosures PropFin's policy under the Act is to protect the confidentiality of those whose personal data it holds. PropFin s employees must keep all information about its clients confidential. It will provide the minimum amount of data required to parties, such as Monitors and Valuation Agents, explicitly named as providing services during its underwriting process. No employee may disclose personal data to the police or any other public authority unless that disclosure has been authorised by PropFin's Data Protection Officer. Transfer of data Personal data should not be transferred outside storage within the control of Propfin and in particular not to a country outside the EEA except with the data subject's consent; or unless that country's data protection laws provide an adequate level of protection; or adequate safeguards have been put in place in consultation with the Data Protection officer Personal data must not be held for longer than necessary; and when such data have been earmarked for destruction, appropriate measures must be taken to ensure that the data cannot be reconstructed and processed by third parties. 8. Right of Access The Company is fully committed to facilitating access by data subjects ('applicants') to their personal data, while bearing in mind the need to protect other individuals' rights of privacy. Copyright 2017 PropFin. PropFin is a registered trademark of Propfin Ltd and is protected by law 4

All applicants will be expected to contact PropFin either via email or in writing. Applicants who are members of the Company and have a Company login and email account may submit this form via their Company email account. In such cases, no further proof of ID will be required. Applicants who are not members of PropFin and members of the Company who do not submit the form via their Company email account, must submit supporting documentation which establishes that they are the data subject (or where the application is made by a third party on behalf of the data subject, which establishes the third party's identity, that of the data subject and a form of authority signed by the data subject is produced). 9. Enquiries PropFin will ensure that there is someone with specific responsibility for data protection in the organisation. The nominated person is currently the Chief Operating Officer. The Data Protection Officer may be contacted at: Propfin Limited 20-22 Bedford Road London WC1R 4JS Email : dataprotection@propfin.com 10. Privacy PropFin respects your privacy. The information that you provide us with, or that is gathered automatically, helps us to monitor our services and provide you with the most relevant information. More information on how PropFin safeguards your privacy in relation to websites, email, voicemail, social media, testing and training can be found on our website: www.propfin.com. The full Privacy statement is available as a link in the footer of PropFin s website and is available to the public. Copyright 2017 PropFin. PropFin is a registered trademark of Propfin Ltd and is protected by law 5

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback