Do you transfer personal data outside of the EU?
If so, what steps have you taken to ensure GDPR Compliance?
Do you have a documented process for storing data and retaining it in line with GDPR requirements?
Yes. All data is stored on our secure servers and located behind our company firewall. We utilise a secure Call Handling database.
Has your organisation considered the GDPR Data Minimisation principle and reflected this in your relevant data retention policies?
Yes. Data held within our Call Handling database is “flushed” monthly with data over 12 months being deleted.
Do you encrypt personal data when you transfer it to 3rd parties?
Messages from our Call Handling database are not routinely encrypted. Personal data including Direct Debit and Payroll information is encrypted prior to being transferred.
Please describe how data that is transmitted is protected.