General Data Protection Regulation (GDPR)

Cannell Signs may need to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees and other people the company has a relationship with or may need to contact. The company recognises The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) adopted 27th April 2016, the two-year transition period and the application date of 25th May 2018.

Reasons this policy exists

Through the implementation of our Data Protection policy Cannell Signs;

  • Ensures compliance with data protection law and follows best practice
  • Protects the rights of customers, all individuals that have dealings with the company and our own employees
  • Is open about how it stores and processes individuals data
  • Protects itself from the risks of a data breach

Data Protection Law

The Data Protection Act 1998 and The General Data Protection Regulation (GDPR) describe how organisations, such as Cannell Signs, must collect, handle and store personal information.

The rules apply regardless of how the data is stored whether electronically, on paper or in any other way.

To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.

Cannell Signs shall comply with the Data Protection Principles (the Principles) to ensure all data  is;

 

  • Fairly and lawfully processed
  • Processed for a specific and lawful purpose
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not held for longer than is necessary
  • Processed in accordance with the rights of data subjects
  • Protected in appropriate ways
  • Not transferred outside the European Economic Area (EEA) unless that country also ensures an adequate level of data protection