DATA PROTECTION POLICY
This is a statement of the data protection policy adopted by CAMG LLP (the Firm). Responsibility for the updating and dissemination of the policy rests with the Data Protection Officer.
The policy is subject to ongoing review to reflect, for example, changes to legislation or to the structure or policies of the Firm. All staff are required to comply with the policy and to seek advice when required.
The Firm in the course of conducting business will collect and use certain types of information about people with whom it deals in order to operate, such as its own employees, suppliers and others with whom the Firm conducts business.
We regard the lawful and correct treatment of personal information by the Firm as important to the achievement of our objectives and to the success of our operations, and to maintain confidence between those with whom we deal and ourselves. We therefore need to ensure that our organisation treats personal information lawfully and correctly.
To this end, we fully endorse and adhere to the Principles of data protection, as set out in the Data Protection Act 1998 (the Act).
The eight Principles require that personal information:
1. shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met;
2. shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes;
3. shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed;
4. shall be accurate and, where necessary kept up to date;
5. shall not be kept for longer than is necessary for the specified purpose(s);
6. shall be processed in accordance with the rights of data subjects under the Act;
7. should be subject to appropriate technical and organisational measures to prevent the unauthorised or unlawful processing of personal data, or the accidental loss, destruction, or damage to personal data;
8. shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level or protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Therefore, the Firm, through appropriate management and strict application of criteria and controls:
▪ observe fully conditions regarding the fair collection and use of information;
▪ meet its legal obligations to specify the purposes for which information is used; collect and process appropriate information only to the extent that it is needed to fulfill our operational needs or to comply with any legal requirements;
▪ ensure the quality of information used;
▪ ensure that the information is held for no longer than is necessary;
▪ ensure that the rights of people about whom information is held can be fully exercised under the Act (i.e. the right to be informed that processing is being undertaken, to access one’s personal information; to prevent processing in certain circumstances, and to correct, rectify, block or erase information that is regarded as wrong information);
▪ take appropriate technical and organisational security measures to safeguard personal information;
ensure that personal information is not transferred abroad without suitable safeguards. To assist in achieving compliance with the principles, the Firm:
▪ has appointed a Data Protection Officer at a senior level with specific responsibility for data protection within the Firm. The current Data Protection Officer is Ian Ruddock or in his absence please contact Andrew Charlesworth in the event you need to obtain further information.
CAMG is authorised and regulated by the Financial Conduct Authority of the United Kingdom (the “FCA”)