Follow Us:

GDPR Compliance Policy

Home GDPR Compliance Policy

1. Introduction

Legal Quotient Consultants (LQConsultants) is committed to ensuring the security and protection of personal data that we process, and to provide a compliant and consistent approach to data protection. This policy outlines how LQConsultants complies with the General Data Protection Regulation (GDPR).

2. Scope

This policy applies to all personal data processed by LQConsultants, including personal data of employees, clients, suppliers, and any other third parties.

3. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Subject: The individual whose personal data is being processed.
  • Processing: Any operation or set of operations performed on personal data, including collection, storage, use, and deletion.
  • Data Controller: The organization (LQConsultants) that determines the purposes and means of processing personal data.
  • Data Processor: A third party that processes personal data on behalf of the Data Controller.

4. Data Protection Principles

LQConsultants adheres to the following principles in relation to the processing of personal data:

  1. Lawfulness, Fairness, and Transparency: Personal data will be processed lawfully, fairly, and in a transparent manner.
  2. Purpose Limitation: Personal data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  3. Data Minimization: Personal data will be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
  4. Accuracy: Personal data will be accurate and, where necessary, kept up to date.
  5. Storage Limitation: Personal data will be kept in a form that permits identification of data subjects for no longer than is necessary.
  6. Integrity and Confidentiality: Personal data will be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

5. Data Subject Rights

LQConsultants recognizes and respects the rights of data subjects under GDPR, including:

  • Right to Access: Data subjects have the right to request access to their personal data.
  • Right to Rectification: Data subjects have the right to request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): Data subjects have the right to request the deletion of their personal data where there is no compelling reason for its continued processing.
  • Right to Restrict Processing: Data subjects have the right to request the restriction of processing under certain conditions.
  • Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: Data subjects have the right to object to the processing of their personal data on grounds relating to their particular situation.
  • Rights related to Automated Decision-Making: Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling.

6. Lawful Basis for Processing

LQConsultants ensures that personal data is processed only when there is a lawful basis for doing so. The lawful bases include:

  • Consent: The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Contract: Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which LQConsultants is subject.
  • Legitimate Interests: Processing is necessary for the purposes of legitimate interests pursued by LQConsultants, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

7. Data Protection Officer (DPO)

LQConsultants has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with this policy and GDPR. The DPO is the point of contact for any data protection queries or concerns.

  • Contact Information:
    [Insert DPO Name]
    [Insert Email Address]
    [Insert Phone Number]

8. Data Security

LQConsultants implements appropriate technical and organizational measures to ensure the security of personal data. This includes measures to protect against unauthorized access, alteration, disclosure, or destruction of personal data.

9. Data Breach Notification

In the event of a personal data breach, LQConsultants will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals. Where the breach is likely to result in a high risk, LQConsultants will also notify the affected data subjects without undue delay.

10. Data Transfers

LQConsultants ensures that any transfer of personal data to a third country or international organization is done in compliance with GDPR, and that appropriate safeguards are in place.

11. Training and Awareness

All employees of LQConsultants are provided with regular training on GDPR and data protection best practices to ensure compliance with this policy.

12. Review and Updates

This GDPR Compliance Policy will be reviewed annually or as required to ensure it remains effective and compliant with any changes in the law or business practices.