CONFIDENTIALITY & DATA PROTECTION
- Neither party shall at any time during or after an assignment divulge, or allow to be divulged, to any person any confidential information relating to the business or affairs of the other.
- R & Co Communications (The Company) and the Client shall comply with all elements of Data Protection Legislation currently in force in England and Wales.
- The Client is the Data Controller and the Supplier is the Data Processor within the meaning of the Data Protection Legislation.
- The Company processes data in order to comply with the assignment in place with the Client. The data obtained by the Company in the performance of the contract shall not be used by the Company for any other purpose.
- Processing is carried out for the duration of the assignment or as required by law.
- The nature of processing is as defined by the contract between the Supplier and the Client.
- The subject matter of the processing is the services performed under the agreement in place between the Company and the Client.
- The type and nature of personal data processed by the Supplier is as determined and controlled by the Client.
- Categories of data subjects may include but is not limited to:
- Customers of the Client, prospects of the Client, stakeholders of the Client, associates of the Client, suppliers to the Client and other natural persons who use the communication facilities provided by the Company to the Client.
- The officers, employees, agents, advisors and sub-contractors of the Client, the customers of the Client, prospects of the Client, clients of the Client, associates of the Client, and suppliers to the Client.
- The Company shall ensure that all necessary consents and notices are in place to enable lawful transfer of any relevant personal data to the Client for the duration and purposes of the contract.
- The Company shall ensure that they have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. The Supplier is committed to Information Technology best practice.
- The Company shall ensure that personnel who have access to and/or process personal data are obliged to keep that personal data confidential.
- The Company shall comply with reasonable instructions notified in advance by the Client with respect to processing of personal data.
- The Company shall assist the Client, at the Client’s expense, in responding to any request from a data subject and in ensuring compliance with the Client’s obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with government authorities and regulators.
- The Company shall notify the Client without undue delay if the Supplier becomes aware of a personal data breach.
- The Company shall delete personal data and copies thereof to the Client on termination of the Contract unless required by Data Protection Legislation and/or other law to store the personal data.
- The Company shall maintain complete and accurate records and information as required by law.
- The Client agrees to the Company using a sub-processor on the same terms when operational needs require it.
R & Co Communications
3-5 Warwick Pl, Leamington Spa CV32 5BH