.png/:/rs=h:320,cg:true,m/qt=q:95)
Privacy Policy
DATA PROTECTION POLICY
1. Introduction
1.1. Autism Awareness Through Sport C.I.C ("Company," "we," "our," or "us") is committed to protecting the personal data of our employees, customers, partners, and stakeholders in compliance with applicable data protection laws and regulations.
1.2. This policy outlines how we collect, use, store, and protect personal data.
2. Scope
2.1. This policy applies to all employees, contractors, and third parties who handle personal data on behalf of the Company.
2.2. It covers all personal data collected, processed, stored, or shared by the Company, whether in electronic or physical form.
3. Data Collection and Use
3.1. The Company collects personal data only for legitimate business purposes, including but not limited to employee administration, customer service, marketing, and regulatory compliance.
3.2. Personal data is processed lawfully, fairly, and transparently in accordance with applicable laws.
3.3. We ensure that the data collected is relevant, accurate, and limited to what is necessary for the intended purpose.
4. Legal Basis for Processing
4.1. The Company processes personal data based on one or more of the following legal grounds:
- Consent from the data subject
- Contractual necessity
- Legal obligations
- Legitimate business interests
- Protection of vital interests
5. Data Storage and Retention
5.1. Personal data is stored securely using appropriate technical and organizational measures.
5.2. Data is retained only for as long as necessary to fulfill the purposes for which it was collected, unless otherwise required by law.
5.3. When data is no longer needed, it is securely deleted or anonymized.
6. Data Security Measures
6.1. The Company implements appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of personal data.
6.2. Access to personal data is restricted to authorized personnel only.
6.3. Employees and contractors handling personal data receive regular training on data protection practices.
7. Data Subject Rights
7.1. Data subjects have the following rights regarding their personal data:
- Right to access their personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
7.2. Requests to exercise these rights should be submitted to the address at ___________________________________________________________________________.
8. Data Transfers
8.1. Personal data may be transferred to third parties or international locations only if adequate data protection safeguards are in place.
8.2. The Company ensures compliance with applicable data transfer regulations, including standard contractual clauses or other approved mechanisms.
9. Data Breach Management
9.1. In the event of a data breach, the Company will take immediate action to contain and assess the breach.
9.2. If required by law, affected individuals and regulatory authorities will be notified within the prescribed timeframe.
9.3. A detailed incident report will be prepared, and corrective measures will be implemented.
10. Compliance and Review
10.1. The Company regularly reviews this Data Protection Policy to ensure compliance with applicable laws and best practices.
10.2. Employees and relevant stakeholders are required to comply with this policy, and non-compliance may result in disciplinary action.
11. Contact Information
11.1. For any questions regarding this policy or data protection practices, please contact info@aats.uk
Effective Date: June 2024