We are obliged as an organisation, both by law to protect the integrity and confidentiality of personal data held by us with regard to our clients and employees. Individual employees also have that obligation. However you decide to compile your database, it is vital to make sure that both parties stay legally compliant.
Under no circumstances will your data ever be made available, sold to third parties or otherwise marketed.
Integrity lies at the heart of Telecom IQ. The trust that we inspire in our customers and stakeholders is the key to our success as an organization and as individuals and we hold ourselves to the highest standard of professional behaviour. The Telecom IQ Code of Integrity defines the main principles of professional integrity and is an expression of the values that are shared throughout our organization, our businesses and our affiliates.
This Data Protection Policy has been written to assure Telecom IQ employees know their duties under the Data Protection Act 1998 and Record Retention procedures. This policy also states the standards expected by Telecom IQ employees in relation to processing of personal data and safeguarding individuals 'rights and freedoms'. Telecom IQ is registered and by all means committed to following the Data Protection Act 1998.
It is very important to us that we take a serious view of our responsibilities and make sure each appropriate individual complies with the Data Protection principles. If you knowingly reveal any personal data contrary to this policy, you may be held liable to criminal sanctions. Also, any breach of this policy may result to a disciplinary action.
The Data Protection Act 1998 has two main purposes which are:
The other parts of the Data Protection Act 1998 are the eight data protection principles, which include:
Collecting customer data for your contact list is key. When building your contacts database, you have to ensure that you follow the regulations by the Data Protection Act 1998 and The Privacy & Electronic Communications Regulations 2003. However you choose to compile your database, legal compliance is paramount.
The Information Commissioner's Office (ICO) has determined that an organisation cannot send a text message if the recipient has not agreed to it, unless:
simple way to opt out in all the subsequent text messages you have received
For more information on compliance, please visit the ICO site.
If you are sending texts to existing customers, then follow the above rules. If you are sending texts to prospective customers, then you require them to have opted in to receive them first.
This section specifically states the responsibilities of data held which is owned by our clients and includes the recording, processing and security of personal and sensitive information relating to them and the people who work for them.
Whilst it is completely our responsibility to ensure that the personal data held regarding our client is up to date, accurate and taken for lawful purposes. It is your duty to ensure that the information taken from your client is correct and accurately entered on to our database.
It is also our responsibility to make sure that the database and portal is backed up on a regular basis and to ensure there is no loss or personal data. If you come across any errors or have concerns regarding personal data you must report these straight away to your account manager or support team.
Data that is related to a client will never be disclosed to third parties unless the client has given consent in writing. Under no circumstances are third parties ever given access to client data.
Data and records will only be kept for the necessary time. This is a principle found in the Data Protection Act 1998, which requires that personal data "shall not be kept for longer than is necessary for that purpose".
No data file or record should be obtained for more than five years after it is closed unless a reason for longer retention can be put into place. It is to be emphasised that the period of five years is the absolute maximum period. It is sometimes appropriate in regards to the nature of the record to opt for a shorter period.
After the retention period has expired, some records may be kept permanently for historical purposes. Reasons they may be kept is that they may preserve evidence of the origin, development, or other reasons for longer retention which include the following:
To make sure that Telecom IQ follow the Data Protection Act 1998 and all information in any format, destroyed from any Telecom IQ location must not expose confidentiality of our employees, clients and customers.
All office white or coloured paper should be placed in Telecom IQ confidential waste bins that have been provided which is in any way a sensitive document.
Any other paper can be disposed of in a proper way by being put in the boxes or bins provided in Telecom IQ offices for environmentally-friendly disposal of white non-confidential and non-sensitive paper waste.
The measures taken out for the destruction of Confidential or Sensitive Waste on electronic media such as tape, cassette/cartridge, hard drives, CD-Rom, DVD, ZIP drive is as follows:
Media that is being destroyed because either they are showing signs of damage or are obsolete will be physically destroyed by being cut into pieces or other appropriate ways.
Destruction of back-up copies will also be destroyed in this way.
"Data" means information recorded in a form in which it can be processed by equipment operating automatically in response given for that purpose and also includes computer-generated material.
"Personal Data" means data that consists of information that is related to a living individual who can be identified from that given information including any expression of opinion about the individual. This means any data recorded on our computers relating to a living individual.
Appropriate security procedures must be taken place against unauthorised access to or alteration, destruction or disclosure of personal data or accidental loss or destruction of personal data.
Personal Data will only be held for the amount of time that it is needed. When the data is at a point where it is necessary for said data to be destroyed, appropriate measures will take place to ensure the data cannot be used again by third parties. Any file or record that contains personal data will be considered as confidential.