Privacy Policy

Data Protection Promise

At CDL Facilities LTD, we are committed to protecting your personal data and ensuring that it is handled with care and respect. We comply with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 to ensure that your personal data is protected to the highest standards.

Secure Data Storage

Our servers are located in secure, UK-based data centers with:

  • 24/7 monitoring and access controls to prevent unauthorized access
  • Regular security audits and penetration testing to identify and address vulnerabilities
  • Redundant systems and backup power supplies to ensure business continuity

Encryption Excellence

We use industry-standard encryption (AES-256) to protect your data:

  • In transit: Our website and APIs use HTTPS encryption to ensure that data is encrypted during transmission
  • At rest: Our databases and storage systems use encryption to protect data when it is stored

Access Control

We have strict access controls in place to ensure that only authorized personnel can access your data:

  • Multi-factor authentication to prevent unauthorized access
  • Role-based access controls to ensure that personnel only have access to the data they need to perform their duties
  • Regular access reviews and audits to ensure that access is revoked when no longer necessary

Data Retention

We only retain your data for as long as necessary to provide our services, and we have a data retention policy in place to ensure compliance with regulatory requirements:

  • We regularly review and purge unnecessary data to minimize the risk of data breaches
  • We have procedures in place to ensure that data is securely deleted when it is no longer needed

Third-Party Data Sharing

We do not share your data with third parties unless it is necessary to provide our services, and we ensure that any third-party providers comply with our data protection policies:

  • We have contracts in place with third-party providers to ensure that they meet our data protection standards
  • We regularly review and audit third-party providers to ensure compliance

Breach Notification

In the unlikely event of a data breach, we will:

  • Notify you promptly and transparently about the breach
  • Take immediate action to rectify the situation and prevent further breaches
  • Cooperate fully with regulatory authorities and law enforcement agencies to investigate and resolve the breach

Privacy Policy

Our privacy policy is available on our website and explains how we collect, use, and protect your personal data. We regularly review and update our privacy policy to ensure that it remains accurate and compliant with regulatory requirements.

Cookie Policy

We use cookies on our website to improve your experience, but you can opt-out of non-essential cookies at any time:

  • We provide clear and transparent information about our use of cookies
  • We obtain your consent before using non-essential cookies
  • We provide a mechanism for you to opt-out of non-essential cookies

Subject Access Requests

You have the right to request access to your personal data, and we will respond to your request within 30 days:

  • We provide a clear and transparent process for submitting subject access requests
  • We respond promptly and fully to subject access requests
  • We provide you with a copy of your personal data in a clear and readable format

Changes to this Privacy Policy

This Privacy Policy was last updated on 1 May 2018.

This Privacy Policy may be updated from time to time, so you may want to check it each time you provide personal data to us.