EAGLE SECURITY SYSTEMS LIMITED
GDPR/ DATA PROTECTION POLICY
It is a legal requirement for the company to comply with the GDPR/ Data Protection Act, 2018. It is
also company policy to ensure that every employee maintains the confidentiality of any personal
data held by the company in whatever form.
Data protection principles
The company needs to keep certain information about its employees, customers and suppliers for
financial and commercial reasons and to enable us to monitor performance, to ensure legal
compliance and for health and safety purposes. To comply with the law, information must be
collected and used fairly, stored safely and not disclosed to any other person unlawfully. This means
that we must comply with the Data Protection Principles set out in the GDPR/ Data Protection Act
These principles require that personal data must be:
obtained fairly and lawfully and shall not be processed unless certain conditions are met;
obtained for specified and lawful purposes and not further processed in a manner incompatible with that purpose;
adequate, relevant and not excessive;
accurate and up to date;
kept for no longer than necessary;
processed in accordance with data subjects’ rights;
protected by appropriate security;
not transferred to a country outside the European Union without adequate protection.
In processing or using any personal information you must ensure that you follow these principles at all times.
Data protection coordinator
To ensure the implementation of this policy the company has designated the Company Secretary as the company’s data protection coordinator.
All enquiries relating to the holding of personal data should be referred to the Company Secretary in the first instance.
Notification of data held
You are entitled to know:
what personal information the company holds about you and the purpose for which it is used;
how to gain access to it;
how it is kept up to date;
what the company is doing to comply with its obligations under the Act.
This information is available from Laura McCutcheon.
As an employee you are responsible for:
checking that any information that you provide in connection with your employment is accurate and up to date;
notifying the company of any changes to information you have provided, for example changes of address;
ensuring that you are familiar with and follow the data protection policy.
Any breach of the data protection policy, either deliberate or through negligence, may lead to disciplinary action being taken and could in some
cases result in a criminal prosecution.
You are responsible for ensuring that:
any personal data that you hold, whether in electronic or paper format, is kept securely;
personal information is not disclosed either verbally or in writing, accidentally or otherwise, to any unauthorized third party;
items that are marked ‘personal’ or ‘private and confidential’, or appear to be of a personal nature, are opened by the addressee only.
You should not use your office address for matters that are not work related.