1. Introduction

Fairdeal Electrical Services Limited is committed to protecting the privacy and security of personal data. This Data Protection Policy outlines our approach to ensuring the confidentiality, integrity, and availability of personal information in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.

2. Scope

This policy applies to all employees, contractors, and third-party service providers who have access to personal data held by Fairdeal Electrical Services Limited. It covers all data processing activities, including collection, storage, use, and sharing of personal information.

3. Data Protection Principles

We adhere to the following data protection principles:

Lawfulness, Fairness, and Transparency: Personal data will be processed lawfully, fairly, and in a transparent manner.

Purpose Limitation: Data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Data Minimization: Only data that is necessary for the specified purposes will be collected and processed.

Accuracy: We will ensure that personal data is accurate and kept up to date.

Storage Limitation: Personal data will be kept in a form that permits identification for no longer than necessary.

Integrity and Confidentiality: We will process data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.

4. Data Collection

Personal data will be collected only for specific, explicit, and legitimate purposes. The types of personal data we collect may include:

Contact information (name, address, phone number, email)

Employment details (job title, employer)

Financial information (bank details, payment information)

Technical data (IP address, login data)

5. Data Use

Personal data will be used only for the purposes for which it was collected, which may include:

Providing and managing our services

Communicating with clients and suppliers

Processing payments and financial transactions

Complying with legal and regulatory requirements

6. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption and secure storage of data

Access controls and authentication mechanisms

Regular security audits and vulnerability assessments

Employee training on data protection best practices

7. Data Sharing

We do not share personal data with third parties unless necessary for the purposes of our business operations or required by law. When we do share data, we ensure that appropriate safeguards are in place to protect the information.

8. Data Retention

Personal data will be retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. After this period, data will be securely deleted or anonymized.

9. Data Subject Rights

Individuals have the following rights regarding their personal data:

The right to access their data

The right to rectify inaccurate or incomplete data

The right to erasure (the right to be forgotten)

The right to restrict processing

The right to data portability

The right to object to processing

The right to withdraw consent at any time

10. Breach Notification

In the event of a data breach, we will notify the relevant supervisory authority and affected individuals without undue delay, in accordance with GDPR requirements.

11. Policy Review

This policy will be reviewed regularly and updated as necessary to ensure continued compliance with data protection laws and best practices.