INTRODUCTION

This Privacy Notice sets out how we deal with your personal data.

We are committed to protecting your privacy and how we handle your personal information

very seriously. Any personal information collected by us is handled in accordance with

applicable data protection legislation.

Information which is collected will be our responsibility and we will act as data controller in

relation to personal data only when we need it for legitimate purposes.

We take privacy and security of your information seriously and will only use such personal

information as set out in this privacy policy.

WHAT DATA WE COLLECT

The personal information we hold / may hold in the future includes:

a) Name, address, date of birth, telephone number, email address, gender, passport

information, visa information

b) Terms and conditions of our Services Agreement

c) Pay and pension details, national insurance number, tax coding and your banking details

d) Details of your employee benefits (eg membership of private medical insurance)

e) The reasons for any periods of absence (eg annual leave, parental leave, sickness

absence)

f) Information about your health and how it may affect your ability to carry out your duties

g) Photographs

h) Travel history

Please note this list is not exhaustive, and there may be other personal data which is held

and will be held

DEFINITIONS

“Personal data” is any information that relates to an individual who can be identified from

that information. Processing is any use that is made of data, including collecting, storing,

amending, disclosing or destroying it.

“Special categories of personal data” means information about an individual’s racial or ethnic

origin, political opinions, religious or philosophical beliefs, trade union membership, health,

sex life or sexual orientation and biometric data.

HOW I COLLECT YOUR DATA

We collect your personal data from you directly (only with your consent)

Miranda Villiers Ltd: Registered Company 127902

WHAT PURPOSES WE USE YOUR PERSONAL DATA FOR

The information provided will be used to for us to carry out our services as a Personal

Executive Assistant for our clients

DATA PROECTION PRINCIPLES

We process personal data in accordance with the following data protection principles:

• personal data is processed lawfully, fairly and in a transparent manner;

• personal data is collected only for specified, explicit and legitimate purposes;

• personal data is processed only where it is adequate, relevant and limited to what is

necessary for the purposes of processing;

• personal data is kept accurate and all reasonable steps are taken to ensure that

inaccurate personal data is rectified or deleted without delay;

• personal data is kept only for the period necessary for processing; and

• appropriate measures are adopted to make sure that personal data is secure, and

protected against unauthorised or unlawful processing, and accidental loss,

destruction or damage.

HOW LONG WE HOLD DATA

We will retain your personal data for as long as necessary to fulfil the purpose for which it

was collected – that being Personal Executive Assistant services.

As a guide, we keep contractual documents for 10 years. Anything else we delete 1 year after

your last interaction with us.

DATA SECURITY

We use up-to-date data storage and security techniques to protect your personal information

from unauthorised access, improper use or disclosure, unauthorised modification or unlawful

destruction or accidental loss.

All personal data is securely destroyed after it has reached the retention period.

DATA SHARING AND DISCLOSURE

We do not share or your data beyond what is agreed as necessary for the provision or

operation of our services to you.

YOUR RIGHTS

You have the right to apply for a copy of the personal data we hold about you and to have

any inaccurate personal data about you rectified.

In some circumstances you may also have the right to ask us to erase your personal data or

restrict its processing. Where we process your data for our legitimate interests, you have the

right to object to such processing.

Please bear in mind that if you object to processing or withdraw your consent, this may affect

our ability to deliver services to you.

DATA BREACHES

Miranda Villiers Ltd: Registered Company 127902

In the unlikely event we discover that there has been a breach of personal data that poses a

risk to the rights and freedoms of individuals, we will report it to the Information

Commissioner within 72 hours of discovery. We will record all data breaches regardless of

their effect.

If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will

tell affected individuals that there has been a breach and provide them with information

about its likely consequences and the mitigation measures it has taken.

INDIVIDUAL RESPONSBILITIES

You are responsible for helping us keep your personal data up to date. You should let us know

if data provided to us changes.

YOUR CONSENT

Before signing up to our Services, we will ask you to sign a copy of this Privacy Policy with

your consent to us holding your data, in accordance with the conditions above