Policy Statement:

Edgar Shopfitting Ltd is committed to protecting the personal data of all employees, clients, and business partners. We will comply with the General Data Protection Regulation (GDPR), ensuring that all personal information is handled securely, transparently, and in line with UK data protection laws.

Scope:

This policy applies to all employees, contractors, and any individuals who have access to personal data within the business, including client and employee information.

Objectives:

• Safeguard personal data from unauthorised access, use, or disclosure.
• Ensure that personal data is collected, stored, and processed lawfully and securely.
• Provide transparency to individuals regarding how their data is used.

Responsibilities:

• Employees: Must ensure that personal data is handled securely and not shared without proper authorisation. They should report any data breaches or concerns immediately.
• Management: Responsible for ensuring GDPR compliance and ensuring staff are trained in data protection principles. Management should conduct regular reviews and audits of data protection practices.

Consequences:

Any employee found to be mishandling personal data may face disciplinary action, including dismissal. Serious breaches of GDPR requirements may result in legal action.