Veitch Penny is required to comply in a number of ways with the Data Protection Act 1998 (‘the Act’). The first of these is registration under the Act. It is the responsibility of the Designated Data Controller supported by the IT Manager, to ensure that:
• The firm is registered for all necessary activities under the Act;
• There is a process of continual review to determine whether any changes in the firm’s registration are required as a result of changes in the nature of the business;
• The details of the firm as registered are kept up to date;
• New staff members will be trained on induction.
Data Protection Principles
The second aspect of compliance is the observance of the principles which underlie the Act, namely that all data which is covered by the Act (which includes not only computer data but also personal data held within a filing system) is:
- Fairly and lawfully processed;
- Processed for limited purposes;
- Adequate, relevant and not excessive;
- Not kept longer than necessary;
- Processed in accordance with the data subject’s rights;
- Not transferred to countries without adequate protection.
The use of this website and the submission of any personal data to us, shall constitute your consent to allow us to process your personal data in accordance with the terms of this policy.
Personal data is defined as any personal information (including sensitive personal data) that is capable of identifying you. This may include your name, address, telephone number, fax number or e-mail address.
If you have submitted your personal data, and later decide that you would like us to discontinue, you can choose to "opt-out" at any time.
Personal data may be requested by us, or voluntarily forwarded by you through one of several electronic mail hypertext links or contact forms, present in the body of this website.
Use of personal data
The personal data collected by us from you, may be utilised by us to:
- Fulfil your order and administer your account;
- Notify you about enhancements to our services;
- Market our products and services;
- Contact you by mail, telephone, email, text message, or any other reasonable method.
Disclosure and use of your personal data by third parties
Veitch Penny will not sell or give your personal data to any third party for marketing purposes.
If relevant, we may allow other people and organisations to use information we hold about you for the purpose of providing services you have asked for, or as part of the process of selling one or more of our services.
One of the aspects which the firm is keen to observe is with regard to the security of data. This may mean electronic or physical security.
The need to ensure that data is kept securely means that precautions must be taken against physical loss or damage, and that both access and disclosure must be restricted. All personnel must comply with such policies.
Under the Data Protection Act 1998, you have the right to:
- Ask what information we hold about you and why;
- Ask how to gain access to it;
- Be informed how to keep it up to date;
- Be informed what we are doing to comply with its obligations under the 1998 Data Protection Act.
Any enquiries regarding this policy must be directed in writing for the attention of our Data Protection Compliance Officer.
Please send such requests in writing to 1 Manor Court, Dix’s Field, Exeter, EX1 1UP, marked for the attention of the Data Protection Compliance Officer. Any request must be accompanied by the statutory administration fee of £10.00.
If you believe that any information held by us is incorrect, inaccurate or incomplete, then you must write without delay to our Data Protection Compliance Officer, highlighting the corrective action to be taken. If any information is found to be incorrect, it shall be corrected promptly.