Asya International Moves needs to collect and keep certain information about our clients, employees and partners to allow us to do business. This information must be collected and dealt with appropriately and fairly, whether is collected on paper, stored safely in a computer database, or recorded on other material and must not disclosed to any other person unlawfully.
The personal data must:
- be processed fairly and lawfully
- be obtained for specific, lawful purposes
- be adequate, relevant and not excessive
- be accurate and kept up to date
- not be held for any longer than necessary
- processed in accordance with the rights of data subjects
- be protected in appropriate ways
The policy applies to;
- the head office of Asya
- all branches of Asya
- all staff of Asya
- all contractors, suppliers and other people working on behalf of Asya
It applies to all data that the company holds relating to identifiable individuals, and these can include;
- names of individuals
- postal addresses and email addresses
- telephone numbers
- plus any other information relating to individuals
Everyone who works for or with Asya International Movers has some responsibility for ensuring data is collected, stored and handled appropriately. Everyone that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles. By the whole company it must be ensured that
- Any personal data that is being hold is kept securely.
- Neither orally nor in writing, this cannot be disclosed or accidentally or otherwise to any unauthorized third party.
Employees are made aware that unauthorized disclosure will usually be a disciplinary matter, and may be considered gross misconduct in some cases.
Personal information must be:
- kept in a locked drawer or filing cabinet
- if it is computerized , be password protected; or
- kept only on external hard drive which is itself kept securely.
Employees should make sure paper and printouts are not left where unauthorized people could see them, like on a printer.
Data printouts should be shredded and disposed of securely when no longer required.
Subject Access Requests
All individuals who are the subject of personal data held by Asya are entitled to:
- ask what information Asya International Movers holds about them and why
- ask how to gain access to it
- be informed how to keep it up to date
- be informed how the company is meeting its data protection obligations
If an individual contacts the company requesting this information, this is called a subject access request.
Subject access requests from individuals should be made by email, addressed to the quality manager at firstname.lastname@example.org. The quality manager can supply a standard request form, although individuals do not have to use this.
Asya aims to ensure that individuals are aware that their data is being processed, and they understand how the data is being used.
These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to the Quality manager.
When data is stored on paper, it should be kept in a secure place.
Asya as a body corporate is the data controller under the Act, and the Corporation is therefore ultimately responsible for implementation. However, designated data controllers will deal with day to day matters such as:
- to ensure that all data is processed fairly;
- to ensure that the data is accurate, and that processes exist to check and amend data as necessary;
- to ensure that consent is obtained either generally or expressly;
- to ensure that policies and procedures are in place to enable access by those whom the data concerns;
- to ensure that data is kept securely and disposed of properly;
- to make sure the notification requirements are satisfied;
- to make determinations regarding processing of data without consent, in cases of necessity or public interest.
We will communicate this policy and relevant guidance to employees across the company, through our established internal communication channels. We will also communicate this policy to our suppliers, contractors and business partners and wider stakeholders. We are committed to provide relevant training on how to implement this policy.
If you are interested in obtaining the full copy of our Privacy & Data Protection policy, please contact email@example.com