The General Data Protection Regulation (GDPR) was adopted by the European
Data Protection Parliament in 2016 comes into force throughout the EU on 25 May 2018.

The GDPR will replace the Data Protection Directive (95/46/EC) which is implemented
in the UK through the Data Protection Act 1998 (DPA.

This policy is to confirm that we have conducted an internal audit of our IT systems
and implemented any necessary changes in order that we comply at all times with
the Provisions of the Data Protection Act 1998 and General Data Protection Regulation(s).

We agree only to process Personal Information solely for the services for which we
are providing, as detailed and accepted in our Engagement letter and corresponding
Terms and Conditions, and in line with the law.

We agree not to copy, transfer or disclose any such information to any third party
without your written consent.

Your information will be stored on a Cloud based platform, which is GDPR compliant,
and should the need for any data to be held by any other means, this will be held
securely so as not to jeopardise its confidentiality.

Should you wish to review or withdraw any of the Personal Information which we currently
hold about you, please request this either verbally or in writing to our
Data Protection Officer (DPO).

If your personal data is no longer necessary or required for the purpose it was originally
collected/processed for, then the information will be erased and or destroyed to
comply with our legal obligation.