Any information about you that we hold must be treated lawfully and correctly in line with the safeguards outlined in the UK General Data Protection Regulation (UK GDPR).
This means that any personal information that is held by us must be:
- lawfully, fairly and transparently processed
- processed for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- adequate, relevant and limited to what is necessary in relation to those purposes for which they are processed
- accurate and, where necessary, kept up to date
- kept only for as long as necessary and
- in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technological and organisational measures.