1. Introduction
React Consulting (“we”, “our”, “us”) is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognize our obligations in updating and expanding this program to meet the demands of the General Data Protection Regulation (GDPR).
2. Our Commitment
We are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose, and demonstrates an understanding of, and appreciation for the GDPR. Our preparation and objectives for GDPR compliance have been summarized in this statement and include the development and implementation of new data protection roles, policies, procedures, controls, and measures to ensure maximum and ongoing compliance.
3. How We Comply with GDPR
Data Protection Principles
We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be:
- Processed lawfully, fairly and in a transparent manner.
- Collected for specified, explicit and legitimate purposes.
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
- Accurate and where necessary kept up to date.
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Processed in a manner that ensures appropriate security of the personal data.
Information Audit
We conduct regular information audits to identify what personal data we hold, where it comes from, how and why it is processed, and if and to whom it is disclosed.
Privacy Notices/Policy
We ensure that our Privacy Notice/Policy is GDPR-compliant and informs individuals why we need their data, how it is used, what their rights are, who the data is disclosed to, and what safeguarding measures are in place to protect their information.
Obtaining Consent
Our consent mechanisms for obtaining personal data ensure that individuals understand what they are providing, why and how we use it, and provide clear, defined ways to consent to us processing their information.
Data Subject Rights
We provide easy-to-access information via our website of an individual’s right to access any personal information that React Consulting processes about them and to request information about:
- What personal data we hold about them.
- The purposes of the processing.
- The categories of personal data concerned.
- The recipients to whom the personal data has/will be disclosed.
- How long we intend to store your personal data for.
- If we did not collect the data directly from them, information about the source.
4. Security of Data
We take appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of personal data.
We have put in place procedures to deal with any suspected data breach and will notify data subjects and any applicable regulator of a breach where we are legally required to do so.
5. Contact Us
If you have any questions about this GDPR Policy or our data protection practices, please contact us at:
- Email: [email protected]
Effective Date: June 1st 2024