top of page

Data Protection Policy

1. Introduction

Efficient Growth Consulting is committed to safeguarding the privacy and security of personal data in accordance with the European Union General Data Protection Regulation (GDPR). This Data Protection Policy outlines our approach to data protection, including the collection, processing, storage, and sharing of personal data. Owen Lewis, Director of Operations, is responsible for overseeing the implementation of this policy.

 

2. Scope

This policy applies to all employees, contractors, and third parties who process personal data on behalf of Efficient Growth Consulting, regardless of their location in our remote-first working environment.

 

3. Principles of Data Protection

We adhere to the following principles when processing personal data:

  • Lawfulness, fairness, and transparency

  • Purpose limitation

  • Data minimization

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality

 

4. Data Collection and Use

We collect and process personal data only for legitimate business purposes, with appropriate consent and lawful basis. Personal data will be used solely for the purposes for which it was collected.

 

5. Data Minimization

We collect only the minimum personal data necessary to achieve our business objectives. Unnecessary data will not be collected or retained.

 

6. Data Security

We implement technical and organizational measures to ensure the security of personal data, including encryption, access controls, and regular security assessments.

7. Data Access and Sharing

Access to personal data is limited to authorized personnel who require it for their roles. Personal data will not be shared with third parties unless necessary for business purposes and with appropriate safeguards.

 

8. Data Subject Rights

Individuals have the right to access, rectify, erase, restrict processing, object to processing, and data portability. Requests related to these rights should be directed to the Data Protection Officer (DPO).

 

9. Data Breach

Response We have procedures in place to detect, assess, and respond to data breaches promptly. In the event of a breach, affected individuals and supervisory authorities will be notified as required by GDPR.

 

10. Cross-Border Data Transfers

When transferring personal data outside the European Economic Area, we ensure that appropriate safeguards are in place, as required by GDPR.

 

11. Data Retention

Personal data will be retained only for the period necessary to fulfill the purposes for which it was collected, unless legal or regulatory requirements dictate otherwise.

 

12. Employee Training and Awareness

We provide regular training to our employees to ensure their awareness of data protection principles and their responsibilities in protecting personal data.

 

13. Policy Review and Update

This policy will be reviewed annually to ensure its continued relevance and compliance with GDPR and any other relevant regulations.

 

Efficient Growth Consulting is dedicated to upholding the highest standards of data protection and privacy. By implementing this Data Protection Policy, we strive to maintain the trust of our clients, partners, and employees in our commitment to safeguarding personal data.

 

Data Protection Officer (DPO):

Owen Lewis, Director of Operations

owen@efficientgrowthconsulting.net

Policy Owner:

Owen Lewis, Director of Operations

 

Date of Policy Adoption:

18th January 2023

 

Date of Last Revision:

3rd April 2023

bottom of page