JAM (UK) Ltd GDPR strategy
JOHN ALLEN MANAGEMENT (UK) LTD
GDPR & DPA STRATEGY STATEMENT
Our company’s GDPR strategy document is designed to outline our commitment to observe and comply with all aspects of the General Data Protection Regulation.
GDPR came into effect on 25th May 2018, and has introduced a range of fresh guidelines spelling out the rights of consumers and dictating how companies can store and share information.
Our strategy document offers a high-level explanation of how our company plans to organise and implement our compliance with GDPR and demonstrates our company’s serious commitment to GDPR and the DPA.
This strategy document is reviewed at least every six months and amended as necessary, to ensure that we at JOHN ALLEN MANAGEMENT (UK) LTD are delivering continued and adequate GDPR compliance.
Introduction
As a hugely significant change to the global business landscape, it is critical that JOHN ALLEN MANAGEMENT (UK) LTD embraces all aspects of GDPR to maintain full compliance.
JOHN ALLEN MANAGEMENT (UK) LTD
GDPR and Data Protection Strategy Statement
Last Updated: August 2023
At JOHN ALLEN MANAGEMENT (UK) LTD, we are steadfast
in our commitment to uphold the principles and regulations set
forth in the General Data Protection Regulation (GDPR) and the
Data Protection Act 2018 (DPA).
This strategy document serves as a testament to our unwavering
dedication to ensuring the privacy and security of personal data
entrusted to us under both GDPR and DPA.
We recognise the ever-evolving landscape of data protection, and
as such, this document is subject to review every six months, with
necessary amendments made to maintain our commitment to
compliance with both regulations.
The General Data Protection Regulation (GDPR), enacted by the
European Union in April 2016, and the Data Protection Act 2018
(DPA), UK-specific legislation that complements GDPR,
became enforceable on May 25, 2018.
These frameworks establish comprehensive rules for data
protection and privacy, setting forth the rights of individuals and
responsibilities for organisations regarding the collection,
processing, and storage of personal data.
“GDPR came into effect on 25th May 2018, and has
introduced a range of fresh guidelines spelling out the
rights of consumers and dictating how companies can store
and share information.”
This regulation represents a significant shift in the global business landscape, necessitating our full compliance under both GDPR
and DPA.
Our commitment and pledge to GDPR and DPA
compliance includes:
1. Data Protection Officer (DPO): We have appointed a Data
Protection Officer who oversees our compliance efforts under
both GDPR and DPA, ensuring adherence to all aspects of the
regulations.
2. Data Mapping and Inventory: We maintain a comprehensive
data processing inventory, documenting all data operations,
including collection, processing, and storage, to facilitate
compliance with both GDPR and DPA.
3. Data Access and Subject Rights: We have established
procedures for handling data subject requests, including access,
rectification, and erasure, enabling individuals to exercise their
rights under both GDPR and DPA.
4. Data Security Measures: Our organisation has implemented
robust security measures, including encryption, access controls,
and regular security audits, to safeguard personal data under both
regulations.
5. Breach Response Plan: We have a well-defined breach
notification process that includes notifying authorities and
affected individuals within the mandated timeframes specified
under both GDPR and DPA.
6. Data Transfer Outside the EU: We ensure the protection of
data transferred outside the European Union and UK through
appropriate mechanisms and safeguards, in accordance with
GDPR and DPA.
7. Third-Party Compliance: We collaborate with partner
organisations, contractors, and third parties to establish
commitments under both regulations, incorporate relevant
contract terms, and enforce compliance controls.
8. Data Impact Assessments (DPIAs): We conduct DPIAs as
necessary to identify and mitigate risks to individuals' data rights,
ensuring comprehensive data protection under both GDPR and
DPA.
9. Employee Training: We prioritise employee training in
compliance with GDPR and DPA, fostering a culture of
responsibility and awareness.
10. Data Retention: Our data retention policies are clearly
defined, specifying retention periods and the criteria used for
determining them, in alignment with both regulations.
11. Regular Audits and Reviews: We regularly review and audit
our data processing activities to assess legality, purpose, and
compliance, ensuring continuous improvement under both GDPR
and DPA.
12. Documentation and Records: We maintain meticulous
records and documentation as mandated by both GDPR and DPA
to demonstrate our commitment to transparency and
accountability.
13. Consent Management: When consent is the lawful basis for data processing, we meticulously manage and document consent in
compliance with requirements under both regulations.
14. Incident Reporting: Our internal procedures for reporting
data protection incidents are clear, and our employees are aware of
their obligations in reporting such incidents, in accordance with
both GDPR and DPA.
15. Continuous Improvement: We remain committed to
ongoing improvement in compliance with both GDPR and DPA,
staying abreast of legal changes and best practices to protect
personal data effectively.
“At JOHN ALLEN MANAGEMENT (UK) LTD, we
wholeheartedly endorse the principles of GDPR and DPA,
emphasising digital rights, transparency, and accountability
in the collection and management of personal data.”
Our pledge is to honour these commitments and to evolve
our GDPR and DPA strategy continually to align with
emerging regulations and the evolving needs of our
business and clients.