General Data Protection Regulation (GDPR)

Overview

The Company (Eve Taylor London Limited) takes the security and privacy of your data seriously. We need to gather and use information or ‘data’ about you as part of our business and to manage the relationship which exists between you and our Company. We intend to comply with our legal obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security.

It is intended that this policy is fully compliant with the 2018 Act and the GDPR. If any conflict arises between those laws and this policy, the Company intends to comply with the 2018 Act and the GDPR.

The Company has measures in place to protect the security of your data in accordance with our data security obligations. The company will only hold data in accordance with our data retention policy. The company will also only hold data for as long as necessary.

The Company is a ‘data controller’ for the purposes of data.

Data Protection Principles

Your personal data must be processed in accordance with six ‘Data Protection Principles.’ It must:

  • be processed fairly, lawfully and transparently;
  • be collected and processed only for specified, explicit and legitimate purposes;
  • be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
  • be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
  • not be kept for longer than is necessary for the purposes for which it is processed; and
  • be processed securely.

If you have any questions concerning our GDPR Policy – please e-mail [email protected].