At O'Connell Contracting, we prioritize the security and privacy of personal data. We're devoted to both protecting the confidentiality of this information and ensuring adherence to pertinent data protection laws. This Data Protection Policy describes how we embody that commitment and the steps we take to safeguard personal data.
This policy encompasses all personal data we gather, process, store, or disseminate in our business operations, irrespective of its format or where it's stored.
Principles of Data Protection
Our commitment to data protection is governed by these key principles:
a) Lawfulness, Fairness, and Transparency: All personal data is processed transparently, fairly, and within the confines of the law.
b) Purpose Limitation: Data is gathered and processed strictly for explicit, defined, and legitimate purposes, avoiding any incompatible uses.
c) Data Minimization: We collect only what's essential, ensuring it's adequate and relevant.
d) Accuracy: We actively maintain data accuracy and rectify any inaccuracies swiftly.
e) Storage Limitation: Data is kept only as long as it's needed, after which it's securely discarded.
f) Integrity and Confidentiality: Technical and procedural measures guard against unauthorized access, loss, or damage.
g) Accountability: We not only follow data protection practices but also exhibit compliance with the relevant laws and norms.
Legal Bases for Processing Personal Data
We always have a legal basis for processing personal data. These include:
a) Consent: Where necessary, we secure clear and informed consent.
b) Contractual Necessity: Processing is sometimes essential for contracts or pre-contractual actions.
c) Legal Obligation: At times, legal mandates necessitate data processing.
d) Legitimate Interests: When our interests, or those of a third party, align and don’t infringe on individual rights.
Rights of Data Subjects
We recognize and uphold individuals' rights, which include:
a) Access: Individuals can view and inquire about their data.
b) Rectification: Inaccurate data can be corrected upon request.
c) Erasure: In some instances, individuals can request data deletion.
d) Restriction of Processing: In specific situations, data processing can be limited.
e) Data Portability: Data can be transmitted to another entity if technically feasible.
f) Object to Processing: Objections can be raised against processing for particular reasons.
g) Automated Decision-Making: Individuals have the right to oppose decisions based solely on automated processes that might adversely affect them.
Our rigorous measures ensure data security:
a) Access Controls: Restricted data access to only those with a legitimate need.
b) Encryption: Data is encrypted both in transit and at rest.
c) Data Minimization: Data collection is limited to only what's essential.
d) Data Breach Response: Protocols are in place for addressing potential data breaches.
For data transfers outside the EEA, we guarantee protective measures, whether through adequacy decisions, standard contractual clauses, or other approved means.
Data is held only as long as necessary and is discarded securely afterward.
Changes to the Data Protection Policy
We may adjust this policy in light of changes to our practices or legal stipulations. We advise periodic reviews. Any updates will take effect from the date specified at the policy's outset.
For further inquiries or to learn more about our digital expertise, visit our website at www.mediaforce.digital.