The purpose of this document is to define the Modulous policy for processing, storing and protecting personal data that is subject to the requirements of the Data Protection Act 2018.
The standards listed below require Modulous to follow strict data protection principles when using personal information for business purposes.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).
Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:
Modulous Limited (“Modulous”) is committed to complying with our data protection obligations outlined below.
The General Data Protection Regulation (the GDPR) and the Data Protection Act 2018 impose obligations on us, as a Data Controller, to process personal data in a fair manner which notifies data subjects of the purposes of data processing and to retain the data for no longer than is necessary to achieve those purposes.
Under these rules, individuals have a right to be informed about how their personal data is processed. The GDPR and Data Protection Act set out the information that we should supply to data subjects and when data subjects should be informed of this information. We are obliged to provide individuals with information on our retention periods or criteria used to determine the retention periods.
Modulous is committed to achieving consistency and excellence of service and has implemented a procedure setting out how to manage document retention for achieving this. See MD-CS-GLO-007a Document Retention Procedure.