IT Managed Services Limited are committed to protecting the privacy and security of personal data. As a UK-based Information Technology company, we adhere to the principles and requirements of the General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This statement outlines our approach to data protection and our commitment to compliance. 

Our Commitment 

1. Lawful, Fair, and Transparent Processing: 

• We process personal data lawfully, fairly, and in a transparent manner. We ensure that individuals are informed about how their data is being used and the purposes for which it is processed. 

2. Purpose Limitation: 

• We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner that is incompatible with those purposes. 

3. Data Minimisation: 

• We ensure that the personal data we collect is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. 

4. Accuracy: 

• We take reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date. We promptly rectify or delete any inaccurate data. 

5. Storage Limitation: 

• We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, in accordance with our data retention policies. 

6. Integrity and Confidentiality: 

• We implement appropriate technical and organisational measures to ensure the security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. 

7. Accountability: 

• We are responsible for and able to demonstrate compliance with the UK GDPR principles. We maintain records of our data processing activities and regularly review our data protection practices. 

Individual Rights 

We respect and uphold the rights of individuals under UK GDPR, including: 

• Right to Access: Individuals have the right to access their personal data and obtain information about how it is being processed. 

• Right to Rectification: Individuals have the right to request the correction of inaccurate or incomplete personal data. 

• Right to Erasure: Individuals have the right to request the deletion of their personal data in certain circumstances. 

• Right to Restrict Processing: Individuals have the right to request the restriction of processing of their personal data in certain circumstances. 

• Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller. 

• Right to Object: Individuals have the right to object to the processing of their personal data in certain circumstances. 

Data Breach Management 

We have established procedures to detect, report, and investigate personal data breaches. In the event of a data breach, we will notify the Information Commissioner’s Office (ICO) and affected individuals as required by law. 

Contact Us 

If you have any questions about this Data Protection Compliance Statement or our data protection practices, please contact us at: 

• Email: dpo@itmanaged.net 

• Address: West Lancashire Investment Centre, Maple View, White Moss Business Park, Skelmersdale, WN8 9TG 

________________________ 

Revised: September 2024