Sirec Technologies Ltd is a company registered in England and Wales.
Registered number: 5604364
Registered office: FMCB, Hathaway House, Popes Drive, Finchley, London, N3 1QF
Sirec Technologies Ltd supports and fully acknowledges its responsibilities under the EU General Data Protection Regulation (GDPR), which has been in force since May 2018.
Full policy statement documentation is available on request — please get in touch if you'd like a copy.
The principles we work to
The GDPR enforces key principles to protect individuals and their personally identifiable information (PII):
Lawful — any data processing must meet the tests described in GDPR Article 5, clause 1(a).
Transparent — a clear and concise definition of what data processing will be done.
Fair — all processing carried out conforms with how it has been described.
Minimised — we only store the minimum amount of data required for the purpose.
Accurate — we take reasonable steps to ensure data is accurate.
Limited — data is stored no longer than necessary, and deleted permanently on request by the data subject.
Confidential — data is held securely and, where stored in the cloud, encrypted by default.
The Information Commissioner's Office (ICO) can audit any organisation to assess GDPR compliance. Failure to comply, or evidence of serious data breaches, can result in a fine of up to 4% of annual turnover or up to 20 million Euro, whichever is greater.
What we do to stay compliant
Sirec Technologies Ltd has maintained an ongoing GDPR compliance process since late 2017, including:
All staff undergo training on GDPR principles and confirm their understanding of what data on individuals should be retained, and how.
We maintain a data map of all client data held on behalf of Sirec Technologies Ltd.
All third parties with access to PII have signed compliance agreement statements.
We carry out regular data reviews to identify data that is no longer needed, and delete it.