Animates GDPR Compliance Charter
As a business Animates are dedicated to ensuring that we are compliant with The General Data Protection Regulations (GDPR), meeting the requirements for transparency, accountability and the protection of individuals’ rights.
We are committed to ongoing assessment in the key areas that we believe are necessary. Our aim is to adopt a privacy by design approach. This ensures that both our customers, as well as those on whom we may hold personal data, are confident that we are adopting best practice.
Our GDPR Compliance Charter means that you can be confident that we have and will:
- Make our staff aware of GDPR and ensure they understand what it means
- Ensure our policies and procedures are clear and effective, meaning data is kept securely and used only for appropriate purposes and deleted when no longer needed
- Document what data we hold; reviewing regularly where it came from, why we hold it, what the lawful basis is for holding it and what we do with it
- Check our procedures, to make certain we deal with personal data in line with all legal requirements
- Identify the lawful basis that we have for holding and processing personal data
- Allow anyone on whom we hold personal data, to make a subject access request to find out what personal data we hold on them
- Review how we obtain individuals’ consent to hold their personal data, and offer the right to delete their data or withdraw that consent if they wish to do so
- Undertake data audits, including Privacy Impact Assessments, on a regular basis
- Develop methods to identify any potential or actual data breaches, informing the relevant parties if this happens
- Appoint someone with designated responsibility for data protection
In turn, we anticipate any third party to whom we supply data will operate in the same manner, ensuring that they take all the steps recommended by the Information Commissioners Office.