Freedom Energy Limited’s commitment to Data Protection under GDPR
Data Protection Officer – Rosie Thornton
Data Protection Act Notice
In order to comply with the conditions of exemption from registration as a data user under the Data Protection Act we hereby give notice that personal data, consisting of the names, dates of birth, addresses and where disclosed, the telephone numbers and email addresses, together with other personal details, is held and processed by computer on behalf of the Company for the purpose of distributing information to supporters and competitors. The information held will not be communicated to any third parties, nor will it be subject to any other automatic processing. lf it is inaccurate in any way, or if you have any objections to this data being held on a computer system, please inform us in writing – email@example.com
What is the GDPR?
The EU General Data Protection Rules (GDPR) come into force on 25 May 2018 and is the most significant piece of privacy legislation in the last twenty years. It aims to strengthen the rights that EU individuals have over their personal data and seeks to unify data protection laws across Europe.
The GDPR will impact every organisation which holds or processes personal data and businesses will be required to demonstrate their compliance. The GDPR also introduces more stringent enforcement and substantially increased penalties for non-compliance than the Data Protection Act (DPA) which it supersedes.
FREEDOM ENERGY LIMITED’s commitment to Data Protection under GDPR
Freedom Energy Limited is registered with the ICO - Registration number: ZB277135
We have appointed a Data Protection Officer (DPO) responsible for overseeing and implementing data protection strategy across the firm to ensure our compliance with the requirements of the GDPR.
We are committed to:
Carrying out a review of our internal data protection policies and procedures and recording what data we hold and process and why;
Being transparent and providing accessible information to clients, our people and third parties about how their personal data is used;
Reviewing our relationships with third parties to ensure that all current and future contractual arrangements are compliant with the GDPR;
Ensuring that appropriate data security and privacy measures are in place across all aspects of the Association;
Educating all staff in GDPR and ensuring all staff are fully aware of their obligations under GDPR by providing appropriate training.
Putting in place efficient processes in relation to the identification and notification of data breaches;
Ensuring the continuous fulfilment of our GDPR obligations by monitoring our compliance via internal audits and annual reviews of all data protection policies and procedures.
Prepare, maintain and annually review all documents that evidence our compliance to GDPR