top of page

Information

Relaxation

Data Collection and GDPR Compliance Policy

1. Introduction

This Data Collection and GDPR Compliance Policy outlines the principles and guidelines that Time to Tune in follows regarding the collection, processing, storage, and protection of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. The purpose of this policy is to ensure the rights and privacy of individuals whose data is collected, processed, and stored by our organization.

​

2. Scope

This policy applies to all employees, contractors, partners, and third parties who process personal data on behalf of Time to Tune in.

​

3. Data Collection and Processing Principles

  • Lawfulness, Fairness, and Transparency: Personal data will only be collected and processed when there is a lawful basis for doing so, and individuals will be informed about the purposes of data collection and processing in a clear and transparent manner.

  • Purpose Limitation: Personal data will only be collected for specific, explicit, and legitimate purposes. It will not be further processed in a manner incompatible with those purposes.

  • Data Minimization: Only the minimum amount of personal data necessary for the intended purpose will be collected and processed.

  • Accuracy: Reasonable efforts will be made to ensure the accuracy of the personal data collected and processed. Inaccurate or incomplete data will be rectified or erased without delay.

  • Storage Limitation: Personal data will be retained only for as long as necessary to fulfill the purposes for which it was collected. Once the purpose is fulfilled, the data will be securely deleted or anonymized.

  • Integrity and Confidentiality: Appropriate technical and organizational measures will be implemented to ensure the security, confidentiality, and integrity of personal data.

  • ​

4. Data Subjects' Rights

Individuals have the following rights regarding their personal data:

  • Right to access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to data portability

  • Right to object

  • Right not to be subject to automated decision-making

Requests from individuals to exercise these rights will be addressed promptly and in accordance with the GDPR.

 

5. Consent

Where required, explicit and informed consent will be obtained from individuals before collecting and processing their personal data. Consent will be freely given, specific, informed, and revocable at any time.

 

6. Data Security

Appropriate technical and organizational measures will be taken to ensure the security of personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. Regular risk assessments and security audits will be conducted.

​

7. Third-Party Processors

When engaging third-party processors to handle personal data, appropriate contracts and agreements will be established to ensure that they comply with GDPR requirements.

​

8. Data Breach Notification

In the event of a personal data breach, [Your Company Name] will promptly assess the risk to individuals' rights and freedoms and, if required, notify the relevant supervisory authority and affected individuals within the stipulated timeframes.

​

9. Training and Awareness

Employees and contractors who handle personal data will receive regular training on data protection principles, GDPR compliance, and their responsibilities.

​

10. Review and Update

This policy will be reviewed periodically to ensure its ongoing relevance and compliance with changes in data protection laws.

​

11. Contact Information

For any questions or concerns regarding this policy or personal data processing, individuals can contact the Data Protection Officer at time2tunein@gmail.com

This policy was last updated on 27/08/2023

Time To Tune In

Norwich

www.timetotunein.omline

time2tunein@gmail.com

07834817583

bottom of page