Momentum Advisory collects, processes and stores personal data on an ongoing basis. Data may be collected from customers, suppliers, business contacts, employees and any other person the organisation has a relationship with or may need to contact. Momentum Advisory is committed to safeguarding the privacy rights of all individuals from whom we collect and store data, in line with our Data Protection obligations as outlined in Legislation.
Policy Scope: This policy applies to all personal data held in relation to data subjects by Momentum Advisory, whether held in manual or electronic form. All managers, employees, volunteers, contractors, suppliers and any other person who works on behalf of Momentum Advisory are bound by this policy, and are responsible for ensuring data is collected, stored and handled appropriately. Momentum Advisory is committed to ensuring that all staff and associates have sufficient awareness of their responsibilities to ensure they can anticipate and identify a Data Protection issue should one arise.
Data Protection Principles: Momentum Advisory commits to adhere to the principles of Data Protection by ensuring:
- The lawful, fair and transparent processing of any data collected. There will be a legal basis for the processing of any data. The purpose for which data is collected will be specific and clearly stated.
- Purpose Limitation. Data collected will be used only in ways compatible with the purpose for which it was collected. Data will not be used or disclosed for any other purpose other than that for which it was obtained.
- Data Minimisation. Personal data will not be collected or retained if it is not required.
- Data Accuracy. Momentum Advisory will make every effort to ensure data is accurate, complete and up to date. Where any inaccuracies are identified these will be remedied immediately.
- Storage limitation. Data will be retained for no longer than is necessary for the purpose(s) for which it is acquired.
- Integrity and Confidentiality. Sufficient protections will be in place to protect personal data from loss, destruction, unauthorised access, unauthorised disclosure or alteration.
Review: This policy will be reviewed regularly in light of any legislative or other relevant developments.