INTRODUCTION
This Privacy Notice sets out how we deal with your personal data.
We are committed to protecting your privacy and how we handle your personal information
very seriously. Any personal information collected by us is handled in accordance with
applicable data protection legislation.
Information which is collected will be our responsibility and we will act as data controller in
relation to personal data only when we need it for legitimate purposes.
We take privacy and security of your information seriously and will only use such personal
information as set out in this privacy policy.
WHAT DATA WE COLLECT
The personal information we hold / may hold in the future includes:
a) Name, address, date of birth, telephone number, email address, gender, passport
information, visa information
b) Terms and conditions of our Services Agreement
c) Pay and pension details, national insurance number, tax coding and your banking details
d) Details of your employee benefits (eg membership of private medical insurance)
e) The reasons for any periods of absence (eg annual leave, parental leave, sickness
absence)
f) Information about your health and how it may affect your ability to carry out your duties
g) Photographs
h) Travel history
Please note this list is not exhaustive, and there may be other personal data which is held
and will be held
DEFINITIONS
“Personal data” is any information that relates to an individual who can be identified from
that information. Processing is any use that is made of data, including collecting, storing,
amending, disclosing or destroying it.
“Special categories of personal data” means information about an individual’s racial or ethnic
origin, political opinions, religious or philosophical beliefs, trade union membership, health,
sex life or sexual orientation and biometric data.
HOW I COLLECT YOUR DATA
We collect your personal data from you directly (only with your consent)
Miranda Villiers Ltd: Registered Company 127902
WHAT PURPOSES WE USE YOUR PERSONAL DATA FOR
The information provided will be used to for us to carry out our services as a Personal
Executive Assistant for our clients
DATA PROECTION PRINCIPLES
We process personal data in accordance with the following data protection principles:
• personal data is processed lawfully, fairly and in a transparent manner;
• personal data is collected only for specified, explicit and legitimate purposes;
• personal data is processed only where it is adequate, relevant and limited to what is
necessary for the purposes of processing;
• personal data is kept accurate and all reasonable steps are taken to ensure that
inaccurate personal data is rectified or deleted without delay;
• personal data is kept only for the period necessary for processing; and
• appropriate measures are adopted to make sure that personal data is secure, and
protected against unauthorised or unlawful processing, and accidental loss,
destruction or damage.
HOW LONG WE HOLD DATA
We will retain your personal data for as long as necessary to fulfil the purpose for which it
was collected – that being Personal Executive Assistant services.
As a guide, we keep contractual documents for 10 years. Anything else we delete 1 year after
your last interaction with us.
DATA SECURITY
We use up-to-date data storage and security techniques to protect your personal information
from unauthorised access, improper use or disclosure, unauthorised modification or unlawful
destruction or accidental loss.
All personal data is securely destroyed after it has reached the retention period.
DATA SHARING AND DISCLOSURE
We do not share or your data beyond what is agreed as necessary for the provision or
operation of our services to you.
YOUR RIGHTS
You have the right to apply for a copy of the personal data we hold about you and to have
any inaccurate personal data about you rectified.
In some circumstances you may also have the right to ask us to erase your personal data or
restrict its processing. Where we process your data for our legitimate interests, you have the
right to object to such processing.
Please bear in mind that if you object to processing or withdraw your consent, this may affect
our ability to deliver services to you.
DATA BREACHES
Miranda Villiers Ltd: Registered Company 127902
In the unlikely event we discover that there has been a breach of personal data that poses a
risk to the rights and freedoms of individuals, we will report it to the Information
Commissioner within 72 hours of discovery. We will record all data breaches regardless of
their effect.
If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will
tell affected individuals that there has been a breach and provide them with information
about its likely consequences and the mitigation measures it has taken.
INDIVIDUAL RESPONSBILITIES
You are responsible for helping us keep your personal data up to date. You should let us know
if data provided to us changes.
YOUR CONSENT
Before signing up to our Services, we will ask you to sign a copy of this Privacy Policy with
your consent to us holding your data, in accordance with the conditions above