General Data Protection Regulation (GDPR) Statement

A J Tensile Group Limited is strongly committed to maintaining the privacy of all individuals whose personal data it holds and processes, and managing all such data in accordance with United Kingdom legislation. Within this statement, A J Tensile Group Limited sets out some of the steps it is taking in order to comply with the new legal requirements for the processing of personal data.

A J Tensile Group Limited has undertaken a review of its activities and implemented the requirements of the General Data Protection Regulation (GDPR) to ensure compliance in all areas of our business. This review has included the preparation of a detailed information audit; establishing the extent to which any personal data needs to be processed by A J Tensile Group Limited on behalf of our clients; identifying the lawful basis upon which we process data; understanding the role of any supporting third-party sub-contractors who receive personal data from us and their own compliance position; establishing the periods during which any personal data is retained; conducting a review of our security arrangements.

A J Tensile Group Limited remains committed to the principle that any personal data collected in connection with its own business will not be shared with any other party for the purposes of marketing and will only be shared with a third party when an individual specifically agrees or where it is necessary for the purposes of providing the services requested by our client. Where A J Tensile Group Limited processes personal data for a client, it will only use the data for the purposes of providing the services as directed by the client and for no other reason. A J Tensile Group Limited only processes personal data at its Head Office within the United Kingdom and when that data is input, or imported, to our own database solution and processing is required. It is the case however that data we capture in our role as a ‘response handler’ is sometimes processed outside of A J Tensile Group, when third-party database solutions, processors and suppliers are used by our clients.

Security

A J Tensile Group Limited is committed to ensuring that it has in place the appropriate technical and organisational security measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

As part of its internal arrangements, A J Tensile Group Limited restrict access to only those employees who need to be able to review personal data, vet all employees who have access to personal data and ensure that all such employees have undertaken to keep any personal data confidential.

A J Tensile Group Limited only uses industry certified data centres and cloud service providers who deliver high levels of security, availability and monitoring 24 x 7 x 365 for processing activities including availability and intrusion. All services benefit from quick failover points and regular backing up of data.

Data Breach

In the event of a security breach, A J Tensile Group Limited has processes in place for identifying and reviewing any suspected data breach. If a breach involves the destruction, loss, alteration, unauthorised disclosure or access of any personal data processed for a client, A J Tensile Group Limited will advise the customer as soon as is possible with full details and the steps being taken to limit the effects of the breach. A J Tensile Group Limited will provide full co-operation to the customer in any investigation or that of a regulator.

Data Subject Rights

A J Tensile Group Limited is committed to adhering to the new extended data subject rights for personal data it holds as part of its own business and in providing contracted services to our clients, for whom it processes and stores personal data. This includes being advised of the data held, rectifying errors in the data, destruction and where relevant, the right to restrict any processing. A J Tensile Group Limited does not utilise automated decision making or profiling when processing personal data.

Staff Training

A J Tensile Group Limited has started training appropriate staff on the effects of GDPR and is implementing procedures to ensure staff receive adequate training on joining A J Tensile Group Limited with periodic monitoring and refresher courses. A J Tensile Group Limited is reviewing and updating as necessary all its staff policies to comply with the changes being introduced by GDPR.