Our Commitment to GDPR

Cornelle Communications complies with all applicable GDPR regulations.

Everyone working with Cornelle Communications, including contractors and freelancers, are familiar with GDPR and their personal responsibilities and have access to up-to-date resources and training.

We have a privacy policy which informs people what we do with their personal data. We also have data protection policies for third parties we work with, including clients and contractors.

We often work as data processors on behalf of our clients and our ability to fulfil this commitment to our clients is a key part of our compliance with GDPR.  We have a data processing policy and we put data processing agreements in place for all circumstances when we act as data processors for our clients.

We undertake regular audits, data mapping and impact assessments, to ensure our processes are compliant and up to date.

When processing data we undertake the following:

• Processing is lawful, fair and transparent

• Data is collected for a specific purpose and used accordingly

• Data is necessary for the purpose specified

• Data must be accurate and kept up to date, and data subjects have a right towithdraw consent

• Data is not kept for longer than necessary

• The data is kept safe and secure.

We have a notification process in place for any breach and a policy to support subject access requests. No personal data is transferred outside the EU.

If you’d like further information or would like to see copies of our policies, please contact our Data Protection Officer, Siobhán Lavelle ([email protected]).