Document Reference: IM 06 Data Protection Policy
• Appropriate onsite and off site encrypted back up process to ensure The Company can restore access to personal data in the event of any incidents • Business Continuity Plan (QMF 601)
Business continuity
Data recording and storage
Data accuracy is confirmed either verbally, or via written media. Discarding of old data is checked on an annual basis. Certain legal and legislative obligations require The Company to hold data for specific periods. Customer information is stored securely on operational systems. Payment information is stored and encrypted through Sage. Employee information is stored securely using an external website. A full list of retention periods is updated and reviewed at least annually by the Data Protection Officer. The destruction of data is checked and carried out on an annual basis, using the retention periods list as reference, which is updated annually.
Accuracy
Updating
Storage
Retention periods
Archiving
Cox Management Services Ltd ISO 9001 / ISO 14001 / ISO 45001
Rev 6 01/11/2024 PAS99: 2012 Issue 1
Approved: AK
5
Made with FlippingBook Digital Publishing Software