Data protection 

 

AlphaGalileo collects, records and uses personal data about the following categories of people: 

  1. past, present and prospective employees (including certain personal information about next-of-kin) 
  2. past, present and prospective customers 
  3. past, present and prospective suppliers 
  4. past and present shareholders 
  5. past, present and prospective advisers 

In order to carry on its business effectively. We recognise that the lawful and correct treatment of personal data is very important to successful operations and to maintaining the confidence of our various stakeholders in the Company. 

Any personal data which we collect, record or use in any way whether it is held on paper, on computer or other media will have appropriate safeguards applied to it to ensure that we comply with the Data Protection Act 1998. We fully endorse and adhere to the eight principles of Data Protection as set out in the Data Protection Act 1998. These principles state that personal data must be:

  1. fairly and lawfully processed 
  2. processed for limited purposes and not in any other way which would be incompatible with those purposes
  3. adequate, relevant and not excessive 
  4. accurate and kept up to date 
  5. not kept for longer than is necessary 
  6. processed in line with the data subject’s rights 
  7. kept secure 
  8. not transferred to a country which does not have adequate data protection laws. 

AlphaGalileo’s purpose for holding personal data and a general description of the categories of people and organisations to whom we may disclose it are listed in the UK’s Data Protection register.

This register may be inspected or a copy obtained from the Information Commissioner’s Office.

Under the Data Protection Act, any individual may write to the Data Protection Controller and request a copy of the information which we hold about them.  

In order to meet the requirements of the principles, AlphaGalileo employees will: 

  1. observe the conditions regarding the fair collection and use of personal data 
  2. meet our obligations to specify the purposes for which personal data is used 
  3. collect and process appropriate personal data only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
  4. ensure the quality of personal data used 
  5. apply strict checks to determine the length of time personal data is held 
  6. ensure that the rights of individuals about whom the personal data is held, can be fully exercised under the Act 
  7. take appropriate security measures to safeguard personal data
  8. ensure that personal data is not transferred abroad without suitable safeguards.

No personal data held by the Company will be disclosed to any party save as set out in our Data Protection notification. To comply with this notification, no personal data held by the Company may be disclosed to any party: 

  1. without first receiving the permission of the Data Controller; or 
  2. without first receiving the data subject’s explicit permission; or 
  3. unless the Company is under a legal obligation to do so. 

Breach of this policy is regarded as a serious offence by the Company. 

The Data Controller is the Finance Director.