Fair Processing Notice

As part of our commitment to data transparency, we encourage you to read this notice carefully to understand how your information is processed.
This Fair Processing Notice outlines how Safeguard-Me collects, uses, and protects personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the United Kingdom.

1. Data Controller: Safeguard-Me
2. Data Processor: Safeguard-Me

Principles of Data Processing:
Safeguard-Me is committed to processing personal data in a lawful, fair, and transparent manner. Our data processing activities adhere to the following principles:

1. Lawfulness, Fairness, and Transparency: Personal data is processed lawfully, fairly, and transparently in relation to the data subject.

2. Purpose Limitation: Personal data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

3. Data Minimization: Personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

4. Accuracy: Personal data is accurate and, where necessary, kept up to date. Safeguard-Me takes reasonable steps to ensure that inaccurate personal data is rectified or deleted without delay.

5. Storage Limitation: Personal data is kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

6. Integrity and Confidentiality: Personal data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

Data Subjects' Rights

Data subjects have the following rights concerning their personal data:

1. Right to Access: Data subjects have the right to obtain confirmation as to whether or not personal data concerning them is being processed, and where that is the case, access to the personal data.

2. Right to Rectification: Data subjects have the right to rectify inaccurate personal data concerning them.

3. Right to Erasure (Right to be Forgotten): Data subjects have the right to request the erasure of their personal data.

4. Right to Restriction of Processing: Data subjects have the right to restrict the processing of their personal data.

5. Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format.

6. Right to Object: Data subjects have the right to object to the processing of their personal data on grounds relating to their particular situation.

Lawful Basis for Processing:
Safeguard-Me processes personal data on the following lawful bases:

1. Consent: Data subjects have given clear consent for processing their personal data for a specific purpose.

2. Contractual Necessity: Processing is necessary for the performance of a contract with the data subject.

3. Legal Obligation: Processing is necessary for compliance with a legal obligation.

4. Vital Interests: Processing is necessary to protect the vital interests of the data subject or another person.

5. Legitimate Interests: Processing is necessary for the legitimate interests pursued by Safeguard-Me or a third party, except where such interests are overridden by the interests, rights, or freedoms of the data subject.

Data Security:
Safeguard-Me implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk. This includes protecting personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Data Breach Notification:
In the event of a personal data breach, Safeguard-Me will notify the Information Commissioner's Office (ICO) without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons.

Data Protection Impact Assessments (DPIAs):
Safeguard-Me conducts Data Protection Impact Assessments for processing activities that are likely to result in high risks to the rights and freedoms of data subjects. The DPIA evaluates the impact of the envisaged processing operations on the protection of personal data.

International Data Transfers:
If Safeguard-Me transfers personal data to countries outside the European Economic Area (EEA), adequate safeguards will be in place to ensure the protection of personal data.

Review and Update:
This Fair Processing Policy will be reviewed annually and updated as necessary to ensure compliance with applicable data protection laws.

Contact Information:
For any questions or concerns regarding the processing of personal data by Safeguard-Me, please email: privacy@safeguard-me.co.uk

Changes to this Policy:
This Fair Processing Policy may be updated from time to time. The latest version will be available on www.safeguard-me.co.uk or upon request.

Date of last update: January 2024