GDPR Policy

 

  1. Introduction

At Halo Autocare, we are committed to protecting the privacy and security of our customers' personal data. This GDPR policy outlines our approach to information security, data protection, and data retention to ensure compliance with the General Data Protection Regulation (GDPR).

  1. Data Protection Policy

2.1 Data Protection Principles

Halo Autocare adheres to the following principles regarding data protection:

  • Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and in a transparent manner.
  • Purpose limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it further in a manner incompatible with those purposes.
  • Data minimization: We collect and process only the personal data that is necessary for the purposes for which it is being processed.
  • Accuracy: We ensure that personal data is accurate and kept up to date. We take reasonable steps to rectify or delete inaccurate data.
  • Storage limitation: We keep personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
  • Integrity and confidentiality: We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, and against accidental loss, destruction, or damage.

2.2 Data Protection Policy Implementation

  • We have appointed a Data Protection Officer (DPO) who is responsible for overseeing compliance with GDPR and ensuring that personal data is processed securely.
  • Employees are trained on GDPR compliance and data protection best practices.
  • We conduct regular reviews and audits of our data processing activities to ensure compliance with GDPR requirements.
  • We only collect and process personal data for specified, explicit, and legitimate purposes, and we do not process personal data for any purpose that is incompatible with those purposes.
  • Personal data is processed securely against unlawful or unauthorized processing, accidental loss, destruction, or damage.
  1. Data Retention and Deletion
  • We have implemented data retention policies and procedures to ensure that personal data is not kept for longer than necessary for the purposes for which it was collected.
  • Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements.
  • When personal data is no longer necessary for the purposes for which it was collected, we will securely delete or anonymize it in accordance with our data retention policies.
  1. Conclusion

Halo Autocare takes the protection of personal data seriously and is committed to complying with GDPR requirements. Our GDPR policy outlines our approach to information security, data protection, and data retention to ensure the privacy and security of our customers' personal data. If you have any questions or concerns about our GDPR policy or how we process personal data, please contact our Data Protection Officer.