Data Protection Policy

Principles Of GDPR

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for Data Management the collection and processing of personal information of individuals within the European Union.

Under the Regulations, Individuals have the right to

  • be informed about the collection and use of their personal data.

  • access their personal data and supplementary information.

  • have inaccurate personal data corrected

  • have personal data erased. Also known as the right to be forgotten

  • request the restriction or suppression of their personal data.

  • obtain and reuse their personal data for their own purposes across different services.

  • object to the use and processing of their data

Skyform is a Data Processor. We collect, maintain and use certain personal information about current, past and prospective employees, customers, suppliers and other individuals with whom we have dealings. This includes subcontractor companies and other companies that are involved with the business operation.

Skyform will ensure that all such personal information, whether held on computer, paper or other media, will be obtained, handled, processed, transported and stored safely.

Compliance

In order to comply with the data protection principles, Skyform will:

  • observe fully all conditions regarding the collection and use of personal information;

  • collect and process appropriate personal information only to the extent that it is needed to fulfil operational needs or to comply with legal obligations;

  • ensure that all requests to opt out of the client information database are actioned.

  • ensure that individuals are able to exercise their rights under the GDPR

  • only transfer personal information to external companies that are directly involved in our work and fully compliant with GDPR.

Responsibilities

It is the responsibility of all directors and employees to ensure that the requirements of GDPR are adhered to.

Breach of the Policy

Skyform will take appropriate technical and organisational security measures to safeguard personal information. A breach of this policy will be regarded as a disciplinary offence and will be dealt with under the Company’s formal discipline procedure.

Employees who consider that there has been a breach of this policy in relation to personal information about them held by the Company should raise the matter via the Company’s formal grievance procedure.