Data Protection Policy

Purpose

The purpose of this Data Protection Policy is to ensure that Simply France adheres to the legal requirements of the GDPR and UK data protection laws. Our commitment is to protect the personal information of our clients, employees, and any other individuals we engage with in the course of our business operations.

Scope

This policy applies to all personal data processed by Simply France, including data of our users, clients, employees, and third-party service providers, regardless of the data format.

Principles of Data Protection

Simply France is committed to processing data in accordance with its responsibilities under the GDPR and UK data protection laws. Specifically, our data protection principles are:

  1. Lawfulness, Fairness, and Transparency: Processing is always lawful, fair, and transparent to the data subject.

  2. Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

  3. Data Minimization: Collection of data is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

  4. Accuracy: Every reasonable step must be taken to ensure that personal data is accurate and, where necessary, kept up to date.

  5. Storage Limitation: Personal data is kept in a form which permits identification of data subjects for no longer than necessary.

  6. Integrity and Confidentiality: Processing is done in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Rights of Data Subjects

Simply France ensures that the rights of data subjects are upheld, including the right to:

  • Access their personal data

  • Rectify inaccuracies in their personal data

  • Erase their personal data

  • Restrict the processing of their personal data

  • Object to processing of their personal data

  • Data portability

Data Protection Measures

  • Data Processing Agreements with third-party service providers to ensure they meet GDPR and UK data protection standards.

  • Data Security measures, including encryption, firewalls, and access controls, to protect data integrity and confidentiality.

  • Data Breach Procedures to ensure prompt response to any data breach, including notification to the Information Commissioner's Office (ICO) and affected individuals as required by law.

  • Employee Training on data protection responsibilities to ensure awareness and compliance.

Review and Updates

This policy will be reviewed regularly and updated as necessary to ensure compliance with data protection laws and regulations.

Contact Information

For any questions or concerns regarding this policy or data protection practices, please contact us on info@simplyfrance.co.uk