In order to comply with data laws these policies and procedures have been reviewed and updated to ensure they comply with UK GDPR and The Data Protection Act 2018 to ensure we uphold the highest standards of privacy and data protection:
- Privacy Notice
- Data Protection Policy and Procedures
- Records Management Policy
- Data Security Policy
- Subject Access Request Procedure
- Data Breach Reporting Procedures
Additional measures that we take are:
- Client contracts include data protection and confidentiality clauses.
- Due diligence is carried out to ensure all suppliers comply with data protection laws.
- Staff training for GDPR and cyber security is carried out at employee induction and regular refresher sessions are provided for existing staff.
- The use of data protection impact assessments and a privacy by design approach for new projects which involve the processing of personal data, are used throughout SAAF Education.