Data Protection statement
This is a statement outlining how JonIT Services
meets its obligations under the Data Protection Act 1998 ("the Act").
The
statement is subject to regular
review to reflect, for example, changes to legislation or to the
structure or policies of JonIT Services.The
statement is made available to all staff who are expected to apply it.
JonIT
Services needs to collect and use certain
types of information about people with whom it deals in order to
operate.
These include: current and previous
Clients; current, past and prospective targets of
investigation; results of investigations; JonIT Services' own employees; suppliers and others with
whom JonIT Services conducts business.
JonIT Services regards the lawful and
correct used of personal information as important to the achievement of
our objectives, to the success of our operations and to maintaining
confidence between those with whom we deal and ourselves. We therefore
aim to ensure that our organisation treats personal information
lawfully and correctly.
To this end, we fully endorse and adhere to the
principles of data protection, as set out in the Data Protection Act
1998 ("the Act").
The eight principles under that Act
require that personal information:
1. must be processed fairly and lawfully and, in
particular, must not be processed unless specific conditions are met;
2. must be obtained only for one or more specified
lawful purposes, and must not be further processed in any manner
incompatible with that purpose or those purposes;
3. must be adequate, relevant and not excessive in
relation to the purpose or purposes for which it is processed;
4. must be accurate and, where necessary, kept
up-to-date;
5. must not be kept for longer than is necessary
for the specified purpose(s);
6. must be processed in accordance with the rights
of data subjects under the Act;
7. should be subject to appropriate technical and
organisational measures to prevent the unauthorised or unlawful
processing of personal data, or the accidental loss, destruction, or
damage to personal data;
8. must not be transferred to a country or
territory outside the European Economic Area ("EEA") unless that
country or territory ensures an adequate level of protection for the
rights and freedoms of data subjects in relation to the processing of
personal data.
In light of these obligations, JonIT Services,
through appropriate management and controls, will:
- observe the conditions regarding the fair
collection and use of personal information;
- meet our
legal obligations to specify the purpose(s) for which the personal information
is to be used;
- collect and process personal information only to
the extent that it is needed to fulfil our operational needs or to
comply with any legal requirements;
- ensure the quality of the personal information
used;
- ensure that personal information is held for no
longer than necessary;
- ensure that the rights of people about whom the
information is held can be exercised under the Act e.g. the right to
access one's personal information, to prevent processing in certain
circumstances and to correct, rectify, block or erase information where
it is wrong etc.
- take appropriate technical and organisational
measures to safeguard personal information;
- ensure that personal information is not
transferred outside the EEA.
In order to achieve
compliance with the Act and its principles, JonIT Services has:
- created and implemented various internal policies
and procedures, available to all staff, outlining individual and
organisational data protection responsibilities and providing detailed
guidance on JonIT Services internal data protection procedures.
- been registered with the
Information Commissioner's Office. Registration number: Z1115746.