Data Protection Policy

This policy document applies to Destination Bristol, Company 3715280 ('the Organisation').

Data Protection Principles

Destination Bristol is committed to complying with the Data Protection Act 1998 and the principles of the Act.

Data will be

- Fairly and lawfully processed
- Obtained for only specified lawful purposes.
- Adequate, relevant and not excessive.
- Accurate and where necessary kept up to date.
- Kept no longer than is necessary for its purpose.
- Processed in accordance with the Act.
- Secure
- Not transferred to countries without adequate level of protection

The Managing Director will be the Data Controller responsible for the overall application of Data Protection throughout the Company.

Each Manager is responsible for ensuring that the Policy is applied within their business unit.

The Managing Director will ensure that all personnel are aware of their right to review their personal data, and their responsibility to ensure that their personal information is correct.

The Managing Director will ensure that appropriate technical and organisational measures are taken against unauthorised or unlawful processing of personal information and against accidental loss of, destruction of or damage to, personal information.

Destination Bristol is committed to complying with the Data Protection Act, and to ensuring that the principles of data protection are extended not only to all personal information, however held, but also to all official, confidential-commercial and client information.