1. Introduction

​

GN Surveys Ltd is committed to protecting the privacy and confidentiality of personal data collected and processed during our business activities. This Data Protection Policy outlines our commitment to comply with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR).

​

2. Scope

​

This policy applies to all personal data collected, processed, and stored by GN Surveys Ltd, whether in electronic or physical format. It applies to all employees, contractors, and third parties who have access to personal data as part of their duties.

​

3. Principles

​

GN Surveys Ltd adheres to the following principles when processing personal data:

​

3.1 Lawfulness, Fairness, and Transparency:

Personal data is processed lawfully, fairly, and in a transparent manner.

​

3.2 Purpose Limitation:

Personal data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

​

3.3 Data Minimization:

Personal data collected is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

​

3.4 Accuracy:

Personal data is accurate and, where necessary, kept up to date. Reasonable steps are taken to ensure that inaccurate personal data is rectified or erased without delay.

​

3.5 Storage Limitation:

Personal data is kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

​

3.6 Integrity and Confidentiality:

Personal data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

​

4. Data Collection and Processing

​

4.1 Lawful Basis for Processing:

GN Surveys Ltd will only process personal data when there is a lawful basis for doing so. This may include the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, or legitimate interests pursued by GN Surveys Ltd or a third party.

​

4.2 Data Minimization:

GN Surveys Ltd will only collect and process personal data that is necessary for the purposes for which it is being processed.

​

4.3 Consent:

Where consent is required for the processing of personal data, GN Surveys Ltd will obtain explicit and informed consent from the data subject.

​

4.4 Data Accuracy:

GN Surveys Ltd will take reasonable steps to ensure that personal data is accurate and kept up to date. Data subjects have the right to request the rectification of inaccurate personal data.

​

4.5 Data Retention:

Personal data will be retained for no longer than is necessary for the purposes for which it is processed. GN Surveys Ltd will establish and maintain a data retention policy to ensure compliance with this principle.

​

5. Data Security

​

5.1 Technical and Organizational Measures:

GN Surveys Ltd will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

​

5.2 Data Breach Response:

In the event of a personal data breach, GN Surveys Ltd will promptly assess the risk to individuals' rights and freedoms and, if required, notify the relevant supervisory authority, and affected individuals in accordance with applicable laws and regulations.

​

6. Data Subject Rights

​

6.1 Access and Rectification:

Data subjects have the right to access their personal data and request its rectification if inaccurate.

​

6.2 Erasure and Restriction:

Data subjects have the right to request the erasure or restriction of their personal data in certain circumstances.

​

6.3 Data Portability:

Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.

​

6.4 Objection and Automated Decision-Making:

Data subjects have the right to object to the processing of their personal data and to not be subject to a decision based solely on automated processing, including profiling.

​

7. Training and Awareness

​

GN Surveys Ltd will provide training and awareness programs to employees and contractors to ensure they understand their responsibilities and obligations under this Data Protection Policy.

​

8. Compliance and Monitoring

​

GN Surveys Ltd will regularly review and monitor compliance with this Data Protection Policy. Any breaches of this policy will be promptly investigated, and appropriate actions will be taken to address the breach.

​

9. Contact Information

​

For any questions or concerns regarding the processing of personal data or to exercise your data subject rights, please
contact us at info@gnsurveys.co.uk

​

10. Policy Review

​

This Data Protection Policy will be reviewed and updated as necessary to ensure ongoing compliance with applicable data protection laws and regulations.

Signed:

 

GNel
Gary Nel
CEO