CYRIL ORCHARD GROUP GDPR STATEMENT
At Cyril Orchard Group we take our data protection responsibility very seriously. Over the past few months, we have been taking various steps to prepare for compliance with the EU General Data Protection Regulation (known as GDPR).
Cyril Orchard Group controls the personal information that we hold with regard to Clients, Consultants, etc. This is based on the fact that we make our own independent decisions as to what personal information we need in order to deliver these services and we decide what happens to this information.
In particular, we decide on how personal information is used in the context of delivering our services. Guidance from the UK Information Commissioner’s Office (or ICO) also confirms that professional service firms will be controllers rather than processors of any personal information they use in the delivery of services.
More information about how we use personal information in its role as a controller is available in our Privacy Notice.
In addition to our Privacy Notice we have also been taking the following steps to work towards compliance with GDPR:
We have conducted an internal audit of our use of personal information, both historic data and the current data collection, to better understand our data flows and assess our legal basis for using personal information.
If you have any queries about this statement or our approach to data protection matters please contact our data protection officer at firstname.lastname@example.org