.png?height=120&name=APP%20ICON%20(1).png)
GDPR, Security, and Data Protection
HRLocker Data Protection Policy Statement
GDPR, Security, and Data Protection
HRLocker has established this Data Protection Policy Statement to provide clear guidance on how personal information is managed across the organization. We are committed to complying with relevant data protection legislation, including the EU General Data Protection Regulation (GDPR), and ensuring the security and confidentiality of personal data. Our management system has been developed in accordance with the ISO 27001 Standard, to which HRLocker is certified. This policy is guided by Article 5 of the GDPR, which outlines the principles relating to the processing of personal data.
Key Principles of HRLocker’s Data Protection Policy
-
Legitimate Purpose:
- Personal information is collected only for legitimate business purposes, which may include legal and regulatory obligations.
-
Data Minimization:
- Only the minimum amount of personal data required for operational effectiveness is processed.
-
Relevance and Adequacy:
- HRLocker ensures that the personal data processed is relevant, adequate, and necessary for the intended purposes.
-
Fair and Lawful Processing:
- All personal data is processed in a fair, lawful, and transparent manner in compliance with data protection laws.
-
Data Inventory:
- HRLocker maintains an inventory of the categories of personal data processed within the organization.
-
Accuracy:
- Personal data is kept accurate and up-to-date. Processes are in place to correct inaccurate or outdated information.
-
Data Retention and Disposal:
- Personal data is retained only for as long as necessary to fulfill legal, regulatory, or business obligations, after which it is securely and appropriately disposed of.
-
Respect for Data Subject Rights:
- HRLocker upholds the rights of individuals regarding their personal information, including the right to access, correct, or delete their data.
-
Secure Data Processing Environment:
- Adequate resources are allocated to ensure personal data is processed and stored in a secure environment, in line with ISO 27001 standards.
-
International Data Transfers:
- Transfers of personal data outside national borders are conducted only where appropriate protections are in place to safeguard the information.
-
Compliance for Cross-Border Services:
- When providing goods and services to EU citizens across national boundaries, HRLocker ensures compliance with all relevant regulatory requirements.
-
Exemptions:
- HRLocker does not currently engage in operations that require the application of data protection exemptions.
-
Management System for Personal Data:
- HRLocker’s management system is designed to oversee the formal management of personal data, ensuring the implementation of all measures outlined in this policy.
-
Governance of Personal Information:
- Internal and external stakeholders involved in the governance of HRLocker’s management system are identified, and their roles are clearly defined.
-
Management Responsibility:
- Senior management has appointed specific individuals with responsibility and accountability for personal data within the management system.
-
Records of Data Processing:
- HRLocker maintains accurate records of all data processing activities as required by law.
Audit and Compliance
HRLocker has implemented an Internal Audit Programme to ensure the ongoing suitability, compliance, and continuous improvement of our data protection management system. Our management system, which complies with ISO 27001, undergoes regular external audits to maintain certification and verify adherence to industry best practices.
The management system has the full support of all stakeholders, and all personnel within HRLocker are provided with this Data Protection Policy Statement to ensure company-wide awareness and compliance.
By adhering to this policy, HRLocker ensures the protection, confidentiality, and lawful processing of personal data, building trust with clients, employees, and external stakeholders.
Did this answer your question?