1. Introduction
Tyler Hampshire Ltd (“the Company”) is fully committed to ensuring the protection of personal data in compliance with the General Data Protection Regulation (GDPR) and all applicable data protection laws. As a marketing company, we recognize the sensitivity and importance of personal data, and we are dedicated to safeguarding the privacy and integrity of the personal data we handle. This Data Protection Policy outlines our principles, responsibilities, and procedures for the collection, processing, and management of personal data to ensure transparency, security, and accountability.
2. Scope
This policy applies to all employees, contractors, third-party vendors, and partners who process personal data on behalf of the Company. It covers all personal data that the Company collects, stores, and processes, whether related to our clients, employees, or business contacts. Compliance with this policy is mandatory, and failure to adhere to it may result in disciplinary action or contract termination.
3. Data Protection Principles
Tyler Hampshire Ltd adheres to the following core data protection principles in accordance with GDPR:
a. Lawfulness, Fairness, and Transparency
We will process personal data lawfully, fairly, and in a transparent manner. Data subjects will be informed about how their data will be used, the purpose of the processing, and the legal basis for doing so.
b. Purpose Limitation
Personal data will be collected for specific, explicit, and legitimate purposes, and will not be further processed in ways incompatible with those purposes unless consent is obtained or as otherwise permitted by law.
c. Data Minimization
We will collect and process only the minimum amount of personal data necessary to fulfill the identified purpose. Unnecessary or excessive personal data will not be collected or retained.
d. Accuracy
We will take reasonable steps to ensure that the personal data we process is accurate and, where necessary, kept up to date. Inaccurate data will be rectified or erased promptly upon discovery.
e. Storage Limitation
We will store personal data only for as long as it is needed for the purposes for which it was collected, unless a longer retention period is required by law. After this period, data will be securely deleted or anonymized.
f. Integrity and Confidentiality
We will implement robust security measures, including encryption, access controls, and regular monitoring, to ensure that personal data is protected from unauthorized or unlawful access, processing, disclosure, or destruction.
g. Accountability
Tyler Hampshire Ltd takes responsibility for ensuring compliance with GDPR and data protection principles, and will maintain records of processing activities as required by law.
4. Data Subject Rights
Data subjects have the right to access, rectify, erase, or restrict the processing of their personal data. They also have the right to data portability and the right to object to certain types of processing. The Company will facilitate and respond to such requests in accordance with GDPR requirements, ensuring timely and effective action.
5. Data Breach Notification
In the event of a personal data breach, Tyler Hampshire Ltd will promptly assess the risk to individuals’ rights and freedoms. If necessary, we will notify the Information Commissioner’s Office (ICO) within 72 hours and inform affected individuals without undue delay. We will document all breaches, regardless of their severity, and take immediate steps to mitigate harm.
6. Third-Party Processors
Where Tyler Hampshire Ltd uses third-party processors to handle personal data on our behalf, we will ensure that they are GDPR-compliant and that appropriate data processing agreements are in place. Third-party processors will be subject to security measures that are equivalent to or exceed our own standards.
7. Training and Awareness
All employees, contractors, and third-party personnel involved in data processing will receive ongoing training on data protection responsibilities and the importance of maintaining compliance with this policy and GDPR. Regular awareness campaigns will be conducted to reinforce the importance of data protection and best practices in our industry.
8. Data Protection Officer (DPO)
To ensure compliance with GDPR, Tyler Hampshire Ltd has appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation. The DPO can be contacted at email ; dpo@tylerhampshire.uk. The DPO will also act as the liaison with regulatory authorities and data subjects regarding data protection matters.
9. Marketing Practices and Consent Management
As a marketing company, Tyler Hampshire Ltd understands the importance of obtaining clear and explicit consent for the processing of personal data, particularly for marketing communications. We will ensure that individuals have the option to provide or withdraw consent easily and that their preferences are respected. Our marketing campaigns will comply with applicable regulations, including the Privacy and Electronic Communications Regulations (PECR), and we will maintain clear records of consent.10. Policy Review
This Data Protection Policy will be reviewed at least annually or whenever there are significant changes to data protection laws or our processing activities. We are committed to ensuring that the policy remains relevant, effective, and up to date in line with evolving regulatory requirements.