Movement Strategies Ltd (company registration number 04925854) is committed to protecting the privacy of the personal data we process. We adhere to best practice across all of our functions, and are compliant in accordance with:
· the Data Protection Act 1988
· General Data Protection Regulation 2006/679
· Guidance from the Information Commissioner's Office (registration number ZA287186)
We secured Cyber Essentials Plus accreditation in January 2018, demonstrating our commitment to cyber security.
We have a robust information security management system and we are in the process of securing ISO27001 accreditation.
The data we collect and how we use it?
We process data on behalf of data owners, as part of our delivery of consultancy services to our clients. We are also a data owner, where the storage and usage of that data is critical to our business operations, including:
· Information you provide when you contact us (in person or via electronic means)
· Details of your visits to our website
· As part of our recruitment and employment processes
The legal basis of processing data is identified on a case by case basis in compliance with legislation.
Where is our data stored?
All data is stored on our servers or in the Cloud, both of which are located in the European Economic Area (EEA).
Disclosure of information
We do not disclose personal data to third parties unless there is a clear ‘legitimate interest’ (e.g. HMRC) or we are legally obliged to do so.
Retention of data
We understand our legal duty to retain accurate data and we only retain data as long as we need it for our legitimate business interest and as long as you are happy for us to do so.