Progress:
Has your company (if it does not benefit from a notification exemption) notified its data processing activities to the Office of the Information Commissioner?
Does your company have a privacy policy?
Does your company inform individuals, at the point at which their personal is collected, of the purposes for which their data will be used, who it will be disclosed to and of any other information about the use and disclosure of their personal data?
Does your company provide individuals with the opportunity to opt-out of the receipt of marketing or promotional messages?
If you are marketing individual subscribers rather than corporate subscribers by email, do you obtain the prior consent of the individual prior to sending email marketing messages to such persons?
If your company uses another company to process personal information on its behalf, has your company entered into a contract with the other company to require them to comply with the same security provisions in the Data Protection Act that your company is required to comply with?
If your company carries out staff monitoring, are employees made aware that monitoring is being carried out?
Have your employees who deal with personal data been trained in the area of data protection?
Does your company have procedures in place to ensure that subject access requests are responded to within the 40-day time limit?
Has your company appointed an individual to oversee data protection compliance within your company?
If your company transfers personal data outside of the EU, if the destination country DOES NOT provide adequate protection for the data, have you ensured that either you have negotiated a contract between your company and the destination company or that one of the other exemptions to the prohibition to transfer data outside of the EU apply?
Does your company have policies and procedures in place to ensure that personal data is kept accurate and up-to-date?
Does your company have procedures in place to ensure that once personal data has been used for the purpose(s) for which it was collected, that it is not used for any further purposes of which the data subject is not aware?
Has your company implemented security measures to ensure that personal data is kept secure and is not disclosed to persons who do not have a need to see the data?
Our strict privacy policy keeps your email address safe & secure.
