Search
Close this search box.

Data Protection Policy

 
 
The Bank of Knowledge (“the Company”) is committed to protecting the privacy and security of personal data in accordance with applicable data protection laws and regulations. This Data Protection Policy outlines the Company’s commitment to safeguarding personal data, including how it is collected, processed, stored, and managed.
 

Scope

This policy applies to all employees, contractors, and third parties who handle personal data on behalf of the Company. It covers all personal data collected, processed, and stored by the Company in any format, including electronic, paper, or verbal.

Responsibilities

Data Protection Officer (DPO)

The Company has appointed a Data Protection Officer who is responsible for overseeing data protection matters, ensuring compliance with applicable laws, and acting as a point of contact for data subjects and regulatory authorities.

Employees

All employees are responsible for ensuring the proper handling of personal data in their day-to-day activities. They must adhere to this policy and report any data protection concerns to the DPO.

Data Collection And Processing

Lawful Processing

The Company will only collect and process personal data when it has a lawful basis to do so, including the consent of the data subject, contractual necessity, legal obligation, legitimate interests, or the protection of vital interests.

Data Minimisation

The Company will only collect and process personal data that is necessary for the purposes for which it was collected. Unnecessary or excessive data will not be collected or retained.

Transparency

Data subjects will be informed of the purposes for which their data is collected and processed, and their rights in relation to their data.

Consent

Where consent is required for processing personal data, the Company will obtain explicit and freely given consent from data subjects. Consent can be withdrawn at any time.

Data Security

Data Access And Storage

Personal data will be stored securely, and access will be restricted to authorized personnel only. Data will be encrypted, both in transit and at rest, where applicable.

Data Breach Response

In the event of a data breach, the Company will promptly assess and mitigate the impact of the breach, notify affected data subjects and relevant authorities where required by law.

Data Subject Rights

Data subjects have the following rights regarding their personal data:

  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Data Portability
  • Right to Object
  • Right to Restriction of Processing

 

Data Retention

Personal data will be retained for no longer than necessary for the purposes for which it was collected, and in accordance with applicable laws and regulations.

Training And Awareness

The Company will provide regular data protection training and awareness programs to employees to ensure their understanding and compliance with this policy.

Monitoring And Review

This policy will be reviewed and updated as necessary to ensure ongoing compliance with data protection laws and best practices. The DPO will monitor and report on data protection activities.

Contact Information

Data subjects can contact the Data Protection Officer at: letstalk@thebankofknowledge.co.uk

Effective Date

This Data Protection Policy is effective from 01/02/2024.