Data Protection Policy

Signix Limited ("Signix") is committed to ensuring the privacy and protection of personal data collected, processed, and stored in the course of its business operations. This Data Protection Policy outlines Signix's commitment to compliance with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Scope

This policy applies to all employees, contractors, consultants, and third parties who process personal data on behalf of Signix, including any third-party service providers.

Definitions

Personal Data: Any information relating to an identified or identifiable natural person.

Data Processing: Any operation or set of operations performed on personal data.

Data Subject: An identifiable natural person to whom personal data relates.

Principles

Signix is committed to upholding the following data protection principles:

a. Lawfulness, Fairness, and Transparency: Personal data processing is conducted in a lawful, fair, and transparent manner, ensuring data subjects are informed about the processing of their data.

b. Purpose Limitation: Personal data is collected for specific, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

c. Data Minimisation: Signix ensures that personal data processed is adequate, relevant, and limited to what is necessary for the intended purposes.

d. Accuracy: Signix takes reasonable steps to ensure that personal data is accurate, kept up to date, and rectified when necessary.

e. Storage Limitation: Personal data is retained for no longer than necessary for the purposes for which it is processed.

f. Integrity and Confidentiality: Signix implements appropriate technical and organisational measures to ensure the security and confidentiality of personal data.

g. Accountability: Signix takes responsibility for its data processing activities and ensures compliance with applicable data protection laws and regulations.

Roles and Responsibilities

a. Data Protection Officer (DPO): Signix designates a Data Protection Officer responsible for overseeing the company's data protection strategy and implementation to ensure compliance with data protection laws and regulations.

b. Employees and Personnel: All employees and personnel are responsible for adhering to this policy and for handling personal data in compliance with the principles and requirements outlined herein.

Data Collection and Use

a. Signix collects personal data for specified and legitimate purposes, and it will not be processed in a way incompatible with those purposes.

b. Personal data will be collected only to the extent necessary for the intended purpose.

Data Security and Access Control

a. Signix implements appropriate technical and organisational measures to ensure the security, confidentiality, integrity, and resilience of personal data.

b. Access to personal data is limited to authorised personnel based on job responsibilities and a need-to-know basis.

Data Subject Rights

a. Data subjects have the right to access, rectify, erase, restrict processing, and portability of their personal data. Requests should be submitted to the Data Protection Officer.

b. Signix will respond to data subject requests within the timeframes stipulated by applicable laws and regulations.

Data Breach Response

a. Signix has procedures in place to detect, report, and investigate personal data breaches.

b. In the event of a data breach, Signix will notify the appropriate supervisory authority and affected data subjects as required by applicable laws and regulations.

Training and Awareness

a. Signix provides regular data protection training to employees and personnel to ensure awareness and compliance with this policy and relevant laws and regulations.

Policy Review and Update

a. This policy will be reviewed periodically to ensure its relevance and effectiveness in protecting personal data.

b. Any updates to this policy will be communicated to all relevant parties.

Contact Information

a. For any questions, concerns, or requests regarding this Data Protection Policy, please contact the Data Protection Officer at [DPO Contact Details].

By following this Data Protection Policy, Signix Limited ensures the privacy and protection of personal data and demonstrates its commitment to compliance with data protection laws and regulations.