Our website address is: http://spinach.co.uk.
The General Data Protection Regulation (GDPR) becomes law in the UK on 25 May 2018. It strengthens the rights of individuals to control the way in which their personal information is used and It increases the obligations on businesses to ensure that any personal data they collect is dealt with in a fair and transparent way.
There are 8 data protection principals
- DATA MUST BE USED FAIRLY & LAWFULLY
- DATA MUST BE USED FOR LIMITED, SPECIFIED, STATED PURPOSES
- DATA MUST BE USED IN A WAY THAT IS ADEQUATE, RELEVANT AND NOT EXCESSIVE
- DATA MUST BE ACCURATE AND UP TO DATE
- DATA NOT TO BE KEPT FOR LONGER THAN IS NECESSARY
- DATA TO BE PROCESSED & HANDLED IN ACCORDANCE WITH THE PRIVATE INDIVIDUALS DATA PROTECTION RIGHTS
- DATA TO BE KEPT SAFE & SECURE.
- DATA NOT TO BE TRANSFERRED OUTSIDE OF THE EUROPEAN ECONOMIC AREA WITHOUT ADEQUATE PROTECTION
Any recordings, edited footage, pre or post-task or other materials that might include personal data will be stored securely in hard copy and/or electronic format by Spinach for up to 12 months from project completion, in accordance with MRS guidelines and data protection legislation.
After 12 months, or earlier if no longer needed, all footage and other research materials containing any personal data will be securely destroyed. Under no circumstances will any personal data be broadcast, put in the public domain, used for any purpose other than what was originally given consent for, or transferred to parties unconnected to the research without prior consent.
The right to be forgotten exists where there is no compelling reason for personal information about an individual continuing to be held and used, for example where it is no longer needed for the purpose for which it was collected or where use of the information was only permissible because of the individuals consent and this has since been withdrawn.
However, it is not an absolute right which means that where, for instance, there is a legal or contractual obligation to continue to use the information or where the information is needed for the bringing or defending of a legal claim, a request for erasure can be refused.
Where someone asks for erasure and we determine that this should be respected, we will ensure that this occurs. We will also notify any third party we have shared the information with so that they can take steps to erase it as well.
Spinach adheres strictly to the MRS Code of Conduct and data protection legislation.
Spinach is registered with the ICO and further details can be found at https://ico.org.uk
If you have any questions or concerns, please do contact us at email@example.com.