Movement Strategies Ltd (company registration number 04925854) is committed to protecting the privacy of the personal data we process. We adhere to best practice across all of our functions, and are compliant in accordance with:
· the Data Protection Act 1988
· General Data Protection Regulation 2016/679
· Relevant guidance from the Information Commissioner's Office (ICO)
We secured Cyber Essentials Plus accreditation in January 2018, demonstrating our awareness and preparedness to cyber security risks.
We have a robust information security management system and we are in the process of securing ISO27001 accreditation.
We are registered with the ICO (registration number ZA287186).
The data we collect and how we use it?
We process data on behalf of data owners, as part of our delivery of consultancy services to our clients. We are also a data owner, where the storage and usage of that data is critical to our business operations, including:
· Information you provide when you contact us (in person or via electronic means)
· Details of your visits to our website
· As part of our recruitment and employment processes
The legal basis of processing data has beenidentified on a case by case basis, in accordance with the relevant guidance.
Where is our data stored?
All data is stored on our servers or in the Cloud, both of which are located in the European Economic Area (EEA).
Disclosure of information
We do not disclose personal data to third parties unless there is a clear ‘legitimate interest’ (e.g. HMRC) or we are legally obliged to do so.
Retention of data
We understand our legal duty to both retain accurate data and to only retain data as long as we need it for our legitimate business interest.