General Data Protection Policy

Data Protection

Avinfotech Data Protection and Privacy Policy

Introduction
This policy outlines how personal data should be collected, handled, and stored by Avinfotech to ensure compliance with the law and the company's data protection standards.

Why This Policy Exists
This Data Protection Policy ensures that Avinfotech:
Complies with relevant data protection laws.
Protects the rights of staff, customers, and partners.
Is transparent about how it stores and processes individuals’ data.
Safeguards the company against data breaches and associated risks.

Data Protection Law
The policy is aligned with the Data Protection Act 1998, which governs how organizations like Avinfotech handle personal information. Whether data is stored electronically, on paper, or in other formats, it must be:
  • Collected and used fairly.
  • Stored securely.
  • Not disclosed unlawfully.
Key Principles include:
  1. Processed fairly and lawfully.
  2. Obtained only for specific purposes.
  3. Adequate, relevant, and not excessive.
  4. Accurate and kept up to date.
  5. Not held longer than necessary.
  6. Processed in line with individuals’ rights.
  7. Securely protected.
  8. Not transferred outside the European Economic Area (EEA) unless proper protection measures are in place.
People, Risks, and Responsibilities
Scope of the Policy
This policy applies to:
  • Avinfotech’s head office and all branches.
  • All staff, contractors, and third-party suppliers working on behalf of Avinfotech.
It covers all personal data held by the company, including:
  • Names, postal addresses, email addresses, and phone numbers.
  • Any other identifiable information.
Data Protection Risks
The policy aims to protect Avinfotech from the following risks:
  • Breaches of confidentiality: Information being shared inappropriately.
  • Failure to offer choice: Individuals should be free to choose how their data is used.
  • Reputational damage: Sensitive data breaches could harm the company’s reputation.
Responsibilities
Key Roles:
  • Board of Directors: Overall responsibility for legal compliance.
  • Data Protection Officer (DPO):
    • Ensures compliance with data protection laws.
    • Organizes data protection training and advice.
    • Manages subject access requests (SARs).
    • Approves third-party contracts involving sensitive data.
  • IT Manager: Ensures data security and manages IT systems in compliance with the policy.
  • Marketing Manager: Oversees data protection in communications and marketing activities.
General Staff Guidelines
  • Data access is limited to authorized personnel only.
  • Strong passwords should be used and never shared.
  • Personal data must not be disclosed to unauthorized individuals.
  • Outdated data should be deleted securely.
Data Storage and Security
  • Paper Records: Kept in locked cabinets and shredded when no longer needed.
  • Electronic Data: Protected by strong passwords, backed up regularly, and stored on secure servers.
  • Cloud Services: Only approved cloud services should be used for storing personal data.
Data Use and Accuracy
  • Personal Data Access: Screens must be locked when unattended, and personal data should not be emailed unless encrypted.
  • Data Accuracy: Regularly updated and reviewed. Avinfotech ensures easy updates via customer interactions or the company website.
 
Subject Access Requests (SARs)
Individuals have the right to request:
  • Information about what data Avinfotech holds about them.
  • Access to their personal data.
  • How to update or correct their data.
Requests can be made to the DPO at info@avinfotech.com. Requests will be processed within 14 days after verification.
Data Disclosure
Under the Data Protection Act, Avinfotech may disclose personal data to law enforcement without consent when legally required. The DPO will ensure such requests are legitimate.
 
Cookies and Website Use
What are Cookies?
Cookies are small text files that store information about your browsing experience. Avinfotech uses cookies to:
  • Ensure the website functions properly.
  • Enhance security and user experience.
  • Analyze website performance.
Types of Cookies:
  • Essential: Necessary for basic website functionality.
  • Statistics: Analyze website traffic and user behavior.
  • Marketing: Personalize advertisements and track campaign performance.
  • Functional: Enhance non-essential features such as social media sharing.
  • Preferences: Save user settings for a more personalized experience.
Users can manage cookie preferences through their browser settings or the “Privacy & Cookie Policy” tab on the website
Copyright Policy
Avinfotech respects intellectual property rights and adheres to all copyright regulations, including the Digital Millennium Copyright Act (DMCA). Copyright infringement claims should be submitted to privacy@avinfotech.com.
 
Content and Community Guidelines
Avinfotech encourages respectful communication and prohibits content that:
  • Promotes violence or hate.
  • Harasses or bullies others.
  • Infringes on copyright or privacy.
  • Spreads misinformation or illegal content.
Violations may result in content removal, account suspension, or termination. Users can report violations at privacy@avinfotech.com.
 
AI Disclaimer
Avinfotech utilizes AI technology to improve content creation and website operations. While every effort is made to ensure accuracy, users should not rely solely on AI-generated content.
 
User Agreement
By using Avinfotech’s services, users agree to comply with these guidelines and policies to foster a safe and secure platform for all.
This policy ensures that Avinfotech maintains high standards of data protection, security, and transparency in all its operations.