Data Protection Policy

Headline is committed to the protection and security of personally identifiable information.

Whilst identifying and understanding that we operate in a world where data security is becoming increasingly integral, the controls have been established to minimise the likelihood and impact of any incidents relating to the compromise of personally identifiable information.

The policy’s goal is to ensure that the processing of personal information only takes place where it is strictly necessary for legal, regulatory or legitimate operational purposes. Headline does not collect information relating to or directly from children.

Below is framework that has been determined for setting objectives in order to ensure data protection is considered in everything we do and that we continually aim to enhance our PIMS:

• Headline process the minimum amount of personally identifiable information (PII) required for the purposes of collection;
• Headline provide individuals with clear information regarding how their PII is used and by whom through the relevant Privacy Policy;
• All personal information is processed is done in a fair and lawful manner;
• We have an up-to-date documented inventory detailing the categories of PII processed by our organisation;
• We shall only retain personal information for as long as is necessary and shall ensure that secure disposal methods are used once the retention periods are met;
• We respect individual’s rights in relation to their personal information and keep it secure;
• We don’t transfer Personnel information outside of the UK.

The Directors are responsible for maintaining this policy and providing support and advise during its implementation.
All managerial roles are directly responsible for implementing the policy and ensuring staff compliance with respective departments. Compliance with this policy is mandatory.

Date: 28th January 2019
Title: Claudia Head (Director)