Marie Church Cognitive Behavioural Services has to keep personal data on employees, customers and organisations, as a normal part of our activities. This data must be held in accordance with the requirements of The General Data Protection Regulation (GDPR) (EU) 2016/679 and the Data Protection Act 1998.
In compliance with the GDPR and Data Protection Act 1998, Marie Church Cognitive Behavioural Services undertakes to comply with the following principles.
Personal data shall be processed fairly and lawfully
Personal data shall be obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose
Personal data shall be adequate, relevant and not excessive
Personal data shall be accurate and, where necessary, kept up to date
Personal data processed for any purposes shall not be kept for any longer than necessary
Personal data must be kept in accordance with the rights of data subjects under this act
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data
Customers and other non-employees have the right under the Act to know what personal data Marie Church Cognitive Behavioural Services holds on them. For further information please contact – Marie Church Data Controller