All JCW employees and contractors adhere to the General Data Protection Regulation (GDPR) and are aware of their personal responsibilities about the way they process customer data. All JCW employees are provided with GDPR training during their induction and are contractually obliged to operate under our GDPR policy at all times.
When processing data, we adhere to the following primary principles:
- Data is obtained and used for our specific business purpose.
- Data is kept on file for a reasonable duration of time to allow for career progression and review.
- Data is not kept for longer than necessary.
- Processing is lawful, fair and transparent.
- Data is kept in a central CRM system which is password protected, safe and secure.
- We follow a strict disciplinary process for any negligence or GDPR breach.
- We use clients and suppliers who have GDPR policies in place and to our own high standards.
- Customer data can be erased entirely upon request.
- All data processing is satisfactory to the GDPR through tried and tested measures.
- All data processing within the business is overseen by a Data Protection Officer.
Our Data Protection Officer (DPO) is Simon Elsbury. If you have any queries regarding your data, please let us know by emailing us at firstname.lastname@example.org where you can raise your concerns in a way that will be managed by our DPO.