1. Introduction
“The Lion of Bengal” is committed to protecting the privacy and personal data of our customers, employees, and partners. This policy outlines our approach to compliance with the UK General Data Protection Regulation (UK GDPR) and our commitment to ensuring the lawful and fair processing of personal data.
2. Scope
This policy applies to all personal data processed by “The Lion of Bengal” in the course of our business activities, regardless of the format or medium in which it is stored.
3. Principles of Data Protection
“The Lion of Bengal” adheres to the following principles of data protection:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
4. Data Collection and Processing
“The Lion of Bengal” collects and processes personal data only for specified, explicit, and legitimate purposes. We collect personal data directly from individuals and ensure that it is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
5. Lawful Basis for Processing
“The Lion of Bengal” processes personal data only when one or more lawful bases for processing apply, as outlined in the UK GDPR. These lawful bases include consent, contract, legal obligation, vital interests, public task, and legitimate interests.
6. Data Subject Rights
“The Lion of Bengal” respects the rights of data subjects as outlined in the UK GDPR, including the right to access, rectification, erasure, restriction of processing, data portability, and objection to processing. Data subjects can exercise these rights by contacting our Data Protection Officer (DPO).
7. Data Security
“The Lion of Bengal” implements appropriate technical and organisational measures to ensure the security of personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage.
8. Data Breach Response
“The Lion of Bengal” has procedures in place to detect, report, and investigate personal data breaches. In the event of a data breach, we will notify the Information Commissioner’s Office (ICO) and affected data subjects without undue delay.
9. Data Protection Impact Assessments (DPIAs)
“The Lion of Bengal” conducts DPIAs for high-risk data processing activities to assess and mitigate risks to data subjects’ rights and freedoms.
10. Data Protection Training and Awareness
“The Lion of Bengal” provides regular data protection training to employees and raises awareness of their responsibilities under the UK GDPR.
11. Data Protection Officer (DPO)
“The Lion of Bengal” has appointed a Data Protection Officer (DPO) who is responsible for overseeing compliance with the UK GDPR and acting as a point of contact for data subjects and the ICO.
12. Compliance Monitoring and Review
“The Lion of Bengal” regularly monitors compliance with this policy and reviews its effectiveness to ensure ongoing compliance with the UK GDPR and other relevant data protection laws and regulations.
13. Policy Updates
This policy is subject to regular review and may be updated to reflect changes in data protection legislation or business practices. Any updates will be communicated to employees and other relevant stakeholders.
14. Contact Information
For inquiries regarding this UK GDPR Policy or the processing of personal data by “The Lion of Bengal,” please contact us directly.