Security Standards
1. Access control
Joint Data Controller shall ensure that there are sufficient security controls over exterior and interior access to its premises, such security obligations include:
(a) During business hours Joint Data Controller premises are kept secure by an electronic key fob entry system.
(b) Outside of office hours and when otherwise unoccupied the outside doors to Joint Data Controller’s premises are also locked.
(c) Only employees of Joint Data Controller have individual key fobs and relevant keys to the premises.
(d) Third parties visiting Joint Data Controller premises have to sign in and are given an identity card they are then given access by Joint Data Controller staff and escorted during their visit.
(e) Joint Data Controller …show more content…
3. Data Security
(a) Data Controller is registered as a data controller with the Data Commissioner’s Office.
(b) Data is encrypted prior to transmission. Physical dispatch of data is not foreseen.
(c) Joint Data Controller uses certain third-party service providers in respect of the storage of data. We have assessed their security and privacy policies and consider them to be adequate and appropriate for our uses.
(d) Personal data are permitted to be used in for the purposes for which they were originally collected.
(e) Joint Data Controller has appointed a Compliance Officer who is responsible for ensuring Joint Data Controller’s compliance with the Privacy and Data Protection Requirements of GDPR2016/679.
(f) Joint Data Controller uses privacy policies to notify data subjects how personal data about them is used.
(g) Joint Data Controller keeps personal data held by it up to date and does not keep it longer than is reasonably necessary.
4. Staff Obligations and Training
(a) Staff are only given access to information and data which is relevant to their