"CCgroup are the thinking brand's PR agency."
1. Scope
This procedure covers all personal data that is processed by CCgroup with the exception of personal data that is routinely requested by data subjects.
It is the right of all data subjects to ask CCgroup the following:
2. Responsibilities
The Information Asset Owner (”IAO”) shall be responsible for the application and functionality of this procedure and shall handle all Subject Access Requests (“SARs”). The IAO shall report to the Head of IT on all matters relating to SARs.
3. Procedure
All SARs are made using form Subject Access Request Form 92017-C.
The data subject is required to provide evidence of his or her identity by way of a current passport or driving license and his or her signature must be cross-referenced with the signature provided on the Subject Access Request form.
The following information must be provided by the data subject on the Subject Access Request Form: the personal data that is being requested, whether specific data or all data held by CCgroup and where it is being held.
CCgroup is required to record the date on which the Subject Access Request Form, with the accompanying identification evidence, is submitted.
CCgroup has one month from this date to provide to the data subject the personal data requested. Should CCgroup fail to provide the requested information within the one month window, this shall be in direct breach of the GDPR. No extension shall be allowed under any circumstances.
It is vital that the Subject Access Form is sent to the IAO straight away, to ensure that the requested data is collected within the one month window.
The IAO will carry out data collection by one of the following steps:
The IAO shall at all times have access to a data map which sets out the location of all of CCgroup’s stored data.
At no time may personal data ever be altered or destroyed in order to avoid disclosure.
Responsibilities
The IAO is responsible for the following:
Personal data exemption categories
The following data exemption categories apply, meaning that CCgroup does not have to provide personal data covered below:
Personal data provided by CCgroup to a data subject pursuant to a SAR shall be in electronic format, unless the SAR expressly requests otherwise and all items shall be scheduled, displaying the data subject’s name and the date on which the data item was delivered.
4. Document owner
The IAO is the owner of this policy document and must ensure that it is periodically reviewed according to the review requirements contained herein.
The latest version of this policy document dated Fe is available to all employees of CCgroup on the corporate intranet.
This policy document was approved by CCgroup’s Board of directors and is issued by the Chief Executive Officer (”CEO”) on a version controlled basis.
Name of CEO: Richard Fogg Date: 21st February 2018
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.