Contact contact_icon

Data Protection Policy

Introduction

United Networks Group Ltd is committed to ensuring the privacy and security of personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy outlines the principles and procedures that govern the collection, processing, storage, and protection of personal data within our organisation.

Scope

This policy applies to all employees, contractors, partners, and any third parties who process personal data on behalf of the Company. It covers all personal data collected, processed, and stored by the Company, whether in digital or paper form.

Principles of Data Protection

The Company adheres to the following key principles:

  • Lawfulness, Fairness, and Transparency – Personal data shall be processed lawfully, fairly, and transparently.
  • Purpose Limitation – Data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data Minimisation – Only necessary data for the intended purpose shall be collected and processed.
  • Accuracy – Personal data shall be accurate and kept up to date where necessary.
  • Storage Limitation – Data shall be retained only for as long as necessary and securely deleted when no longer required.
  • Integrity and Confidentiality – Data shall be processed securely to maintain its confidentiality and integrity.
  • Accountability – The Company shall take responsibility for compliance and be able to demonstrate its data protection efforts.

Data Subject Rights

Individuals have the following rights under the UK GDPR:

  • The right to be informed about data collection and use.
  • The right of access to their personal data.
  • The right to rectification of inaccurate data.
  • The right to erasure (“right to be forgotten”).
  • The right to restrict processing.
  • The right to data portability.
  • The right to object to processing.
  • Rights related to automated decision-making and profiling.

Data Collection and Processing

The Company shall ensure that personal data is collected and processed based on a legal basis, such as contractual necessity, legal obligations, legitimate interests, or consent. Employees handling personal data must follow proper procedures and safeguards to ensure compliance.

Data Security

The Company implements appropriate technical and organisational measures to protect personal data from unauthorised access, loss, or destruction. These include:

  • Secure storage and encryption of sensitive data.
  • Access controls and authentication procedures.
  • Regular data protection training for employees.
  • Incident response and breach notification procedures.

Data Breach Management

In the event of a data breach, the Company shall promptly assess the risk, take corrective actions, and notify the Information Commissioner’s Office (ICO) and affected individuals where required under UK GDPR.

Third-Party Data Processing

Where third-party processors handle personal data on behalf of the Company, appropriate contracts and safeguards shall be in place to ensure compliance with data protection laws.

Policy Review and Updates

This policy shall be reviewed periodically to ensure continued compliance with applicable data protection laws and best practices.

Contact Information

For any queries regarding this policy or data protection matters, individuals may contact our company by completing the form below.