GDPR Policy

Discover Cellulite Slayer Limited's comprehensive GDPR Policy, ensuring lawful and transparent handling of personal data in compliance with data protection laws. Learn about our commitment to privacy, data protection principles, responsibilities, and measures for risk management. Explore our robust framework for data processing obligations, accountability, and protection of personal data, aimed at safeguarding individual rights and ensuring secure data handling practices.

GDPR Policy – Cellulite Slayer Limited

1. Introduction

This Data Protection Policy outlines the responsibilities of Cellulite Slayer Limited concerning data protection and the rights of individuals whose personal data we collect, use, and process during our business activities. It applies to all Cellulite Slayer employees, workers, and contractors, and compliance is mandatory.

2. Policy Statement

Cellulite Slayer prioritizes respecting privacy and safeguarding personal data of individuals, including clients, customers, and employees. We are committed to handling personal data lawfully, fairly, and transparently, complying with both the letter and spirit of data protection laws.

3. Scope

This policy applies to all personal data processed by Cellulite Slayer Limited, regardless of format or storage media, whether as a controller or processor. We are registered as a data controller with the Information Commissioner’s Office.

4. Definitions

  • Personal data: Any information relating to an identified or identifiable natural person.
  • Process/Processing: Any operation performed on personal data.
  • Sensitive personal data: Includes racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, biometric data, data concerning health, and criminal convictions.

5. Responsibilities

Key responsibilities include ensuring compliance with this policy, raising awareness among personnel, and ensuring personal data is handled securely and lawfully.

6. Data Protection Principles

Principles include processing data lawfully, fairly, and transparently; limiting data to specified purposes; minimizing data collection; ensuring data accuracy; limiting data storage; and implementing security measures.

7. Data Processing Obligations

Responsibilities as a processor include following controller’s instructions, maintaining data security, and assisting with compliance obligations. As a controller, we must provide privacy notices to data subjects and ensure lawful processing.

8. Accountability

Personnel must be aware of their responsibilities, trained appropriately, and contractually bound to comply with data protection requirements. Data processors must adhere to agreements with controllers.

9. Risk Management

We monitor risks associated with personal data processing, implementing measures to safeguard data subjects. DPIAs are conducted where necessary to assess risks.

10. Data Subject Rights

Data subjects have various rights regarding their personal data, including access, rectification, erasure, and objection, which must be facilitated by Cellulite Slayer.

11. Protection of Personal Data

Guidelines include handling personal data with care, restricting access, securely storing data, and ensuring passwords are secure.

12. Data Retention & Destruction

Data retention periods are determined based on necessity, and data must be securely destroyed when no longer needed.

13. International Data Transfers

Transfers of personal data outside the UK are permitted only under specific conditions outlined in the policy.

14. Data Breach Notifications

All personal data breaches must be reported immediately and handled in accordance with the Data Breach Procedure.

15. Implementation & Policy Management

The policy is effective from May 25, 2018, and will be reviewed annually and after any personal data breach.

16. Version & Revision History

Details version history and revisions of the policy.

Schedule 1 – Privacy Notices

Outlines information to be included in privacy notices provided to data subjects.

Schedule 2 – Processor Contracts

Specifies terms to be included in contracts with data processors.

Follow our journey

Shopping cart0
There are no products in the cart!
Continue shopping