Data Protection Policy

For Syncrony Digital Pty Limited developers of BoardCloud

Last updated 10 August 2021

Definitions

BoardCloud

means the BoardCloud application and website developed by Syncrony Digital UK Limited a company with registered address of International House, Constance Street, London E16

GDPR

means the General Data Protection Regulation.

Responsible Person

means Dr Howard Rybko

Register of Systems

means a register of all systems or contexts in which personal data is processed by the BoardCloud

1. Data protection principles

BoardCloud is committed to processing data in accordance with its responsibilities under the GDPR.

At present BoardCloud does not process any personal data.

However, in future, should BoardCloud have the need to process personal data under Article 5 of the GDPR, it will fully comply with all requirements.

Currently, BoardCloud does not in relation to individuals:

  1. Collect or process any personal information for any purpose
  2. Collect any device technical information
  • Collect any GPS data

BoardCloud does:

  1. For contact requests only to collect Name, Surname, Company Name and Contact Number; this data is not stored on the website and is emailed to our support staff.
  2. Anonymously log browser statistics and user behaviour
  • Use the minimum essential cookies only

2. General provisions

  1. This policy applies to all personal data processed by BoardCloud.
  2. The Responsible Person shall take responsibility for BoardCloud’s ongoing compliance with this policy.
  3. This policy shall be reviewed at least annually.

3. Lawful, fair and transparent processing

  1. To ensure its processing of data is lawful, fair and transparent, BoardCloud shall maintain a Register of Systems.
  2. The Register of Systems shall be reviewed at least annually.

4. Accuracy

  1. BoardCloud shall take reasonable steps to ensure personal data is accurate.
  2. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.

6. Archiving / removal

  1. To ensure that personal data is kept for no longer than necessary, BoardCloud shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
  2. The archiving policy shall consider what data should/must be retained, for how long, and why.

7. Security

  1. BoardCloud shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
  2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
  3. When personal data is deleted this should be done safely such that the data is irrecoverable.
  4. Appropriate back-up and disaster recovery solutions shall be in place.

9. Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, BoardCloud shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO https://ico.org.uk/