Pellcomp &

Data Protection

Since it’s enactment all UK businesses, Government and non-Government organisations, charities, colleges and more that operate in the UK must comply with the GDPRUK and Data Protection Act 2018.

As a Company we strive to ensure all personal data is:

  • Processed fairly and lawfully, 

  • Obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with the purpose, 

  • Adequate, relevant and not excessive for the purpose 

  • Accurate and up-to-date 

  • Is not be kept for longer than is necessary for the intended purpose, 

  • Processed in accordance with the data subject’s rights, 

  • Kept safe from unauthorised processing, and accidental loss, damage and destruction, 

  • Not transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data, except in specified circumstances. 

Pellcomp has a solid Information Security Management System and are accredited to ISO 27001:2013 

Information Security Management and certificated to Cyber Essentials Plus standard. We have a dedicated Data Protection Officer and IT Security Manager who lead on the continuous review and revision our processes and systems to fully meet the requirements of both the standard and the law. Ongoing regular activity includes:

  • Improvements to security of our hosting platforms

  • Internal and external security audits both of the management system and our technical processes

  • Maintenance of information asset registers

  • Information security training for all staff

  • Risk assessments of all system changes

  • Continuously reviewing and improving the security controls on our internal networks

We at Pellcomp take security very seriously and are constantly looking at ways to improve both the physical security of our premises but also, crucially, the security of the data we hold and host. We are clear about the data we collect and process and the reason for this. A substantial amount of resources and people time go in to the constant monitoring and updating of the security measures employed by the company.

Going forward we continue to monitor and assess the effectiveness of our systems; continue to be transparent in our processing of client’s data; keep clients informed; keep our staff informed of the latest developments; continue to look at ways we can improve our security and look for improvements we can make to our products and services to assist our clients with their compliance.

If anyone has any queries about this or any other points with regards to data processing and the security of data these should be directed to in the first instance.