GDPR

GDPR Company Statement – Bradbury Group Ltd.

The General Data Protection Regulation (GDPR) will apply in full as of May 25th 2018.

The GDPR is destined to significantly change data protection across the EU. Bradbury Group have

reviewed the impact of these new regulations and how it affects, amongst other things, the protection of both our suppliers and customers.

There are a number of massive changes currently taking place within Bradbury Group involving the way data is generated, handled and retained. GDPR is playing a vital part in both the choices made with our systems and how they are implemented. The actions being taken will minimise the risk of GDPR sanctions for non-compliance as well as the exposure of customer and supplier information.

The GDPR is founded around a number of principles for the collection and retention of individual and company information.

Bradbury Group is committed to adhering to these principles:

  • Lawfulness, Fairness and Transparency; for every individual, company and organisation.
  • Purpose Limitation; how Bradbury Group must limit and securely manage the data held.
  • Data Minimisation; ensuring the data held by Bradbury Group is limited to that which is legally required.
  • Accuracy; All data Bradbury Group holds is accurate at all times where possible.
  • Storage Limitation; Bradbury Group ensure limitations for data storage are in accordance with contractual and legal obligations.
  • Integrity and Confidentiality; The Bradbury Group internal processes for the collection and retention of information adhere to all necessary policies and regulations to ensure we deliver on our GDPR responsibilities but also can pass on these assurances to our business partners.

 

The Bradbury Group Obligations

To comply with GDPR regulations, in addition to our own existing data protection policies, Bradbury Group will further add:

  • Our obligation to maintain accurate records for the purpose and processing of data as part of Bradbury Group business processes. This also includes appropriate safeguards for the transfer of data both internally and externally, including the transfer of data outside the EEA; identifying safeguards and technical processes and security measures. This is to be provided as a Privacy Policy.
  • The obligation to notify the necessary parties and / or data protection organisations in the unlikely event of a security breach that will directly / indirectly affected data protected under GDPR regulations.
  • The appointment of a data protection officer to fully support both internal and external data users.

 

For further information and any questions or queries, please email gdpr@bradburyuk.com