Data Protection Policy
Movement Strategies Ltd collects and analyses data on behalf of our clients, to inform the projects we deliver. We are committed to ensuring that privacy is protected. We have fully embraced the principles and processes of the Data Protection Act 1998 (DPA) and we are currently working towards ISO27001 accreditation; Information Security Management.
Eight Data Protection Principles
When collecting information about people, we apply the Eight Data Protection Principles as follows:
- Personal data should be processed fairly and lawfully;
- Personal data should be obtained only for the purpose specified;
- Data should be adequate, relevant and not excessive for the purposes required;
- Data should be accurate and kept up-to-date;
- Data should not be kept for longer than is necessary for purpose;
- Data is processed in accordance with the rights of data subjects under this act;
- Security: appropriate technical and organisational measures should be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction or damage to personal data;
- Personal data shall not be transferred outside the EEA unless that country or territory ensures an adequate level of data protection.