Azure Consulting – Data Protection Policy

Azure Consulting Ltd collects, stores and uses personal data about individuals including present, prospective and past client’s in order to carry on its business and meet its requirements effectively.  We recognise that the lawful and correct treatment of personal data is very important to successful operations and to maintaining our client’s confidence in us.

Any personal data which we collect, record or use in any way whether it is held on paper, on computer or other media will have appropriate safeguards applied to it to ensure that we comply with The General Data Protection Regulation (GDPR) (EU) 2016/679 (referred to as GDPR for the purposes of this policy). We fully endorse and adhere to the six principles of the GDPR. These principles state that personal data must be:-

1.    Processed lawfully and be transparent

2.    Collected for specified, explicit and legitimate means

3.    Must be adequate, relevant and limited to what is necessary

4.    Accurate and where necessary must be kept up to date

5.    Retained only for as long as is necessary

6.    Processed in a manner to ensure security

Our purpose for holding personal data and a general description of the categories of people and organisations to which we may disclose it are listed in the Data Protection Register. You may inspect this or obtain a copy from the Information Commissioner’s Office. We will not disclose information to any third party unless we believe it is lawful to do so.

In order to meet the requirements of the principles, we will:

  • Observe the conditions regarding the fair collection and use of personal data
  • Meet our obligations to specify the purposes for which personal data is used
  • Collect and process appropriate personal data only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
  • Ensure the quality of personal data used
  • Apply strict checks to determine the length of time personal data is held
  • Ensure that the rights of individuals about whom the personal data is held, can be fully exercised under the GDPR
  • Take appropriate security measures to safeguard personal data
  • Ensure that personal data is not transferred abroad without suitable safeguards