« back

GDPR Data Breach Policy

28th June 2018 GDPR Data Breach Policy


1. H & A Recycling Ltd collects, holds, processes and shares personal data.

2. Every care is taken to protect personal data from incidents to avoid a data protection breach.

3. This policy sets out the procedure to be followed for managing any data breach.

4. This policy relates to all personal and special categories of data.

5. The objective of this policy is to contain any breaches and to minimise the risk associated with the breach.

6. An incident includes but is not restricted to, the following:

   a) Loss or theft of confidential or sensitive data or equipment on which such data is stored.

   b) Equipment theft or system failure.

   c) Unauthorised use of data or information systems.

   d) Computer hacking.

7. Any individual who accesses or uses personal information is responsible for reporting data breach and information security incidents immediately to the relevant Management.

8. If the beach occurs or is discovered outside normal working hours, it much be reported to the relevant Management as soon as practicable.

9. Appropriate steps will be taken immediately to minimise the effect of the breach.

10. If necessary, any breaches will be reported to the Information Commissioners Office within 72 hours of us becoming aware of a breach.

Slide 1
Slide 2
Slide 3
Slide 4
Slide 5