AWH Holdings Ltd aims to ensure that all personal data collected about employees, clients and other individuals is collected, stored and processed in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018).
This policy applies to all personal data, regardless of whether it is in paper or electronic format.
This policy meets the requirements of the GDPR and the provisions of the DPA 2018. It is based on guidance published by the Information Commissioner’s Office (ICO) on the GDPR and the ICO’s code of practice for subject access requests.
It also reflects the ICO’s code of practice for the use of surveillance cameras and personal information.
Personal data - Any information relating to an identified, or identifiable, individual.
This may include the individual’s:
It may also include factors specific to the individual’s physical, physiological, genetic, mental, economic, cultural or social identity.
Special categories of personal data - Personal data which is more sensitive and so needs more protection, including information about an individual’s:
Processing - Anything done to personal data, such as collecting, recording, organising, structuring, storing, adapting, altering, retrieving, using, disseminating, erasing or destroying.
Processing can be automated or manual.
Data subject - The identified or identifiable individual whose personal data is held or processed.
Data controller
A person or organisation that determines the purposes and the means of processing of personal data.
Data processor - A person or other body, other than an employee of the data controller, who processes personal data on behalf of the data controller.
Personal data breach - A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data.