Code of Conduct

Data Protection Policy for Outsourcing Professional Directors (OPD) Limited, incorporating standard UK GDPR principles:

Outsourcing Professional Directors (OPD) Limited
Data Protection Policy
Effective Date: August 2025

1. Policy Statement

Outsourcing Professional Directors (OPD) Limited is committed to ensuring the privacy and security of personal data by the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection legislation. We collect, store, and process personal data in a lawful, fair, and transparent manner to support our operations and services.

2. Purpose

This policy outlines how OPD protects the personal data it holds, manages data risks, and ensures individuals’ rights are respected. It applies to all staff, contractors, and third parties with access to personal data handled by OPD.

3. Scope

This policy applies to all personal data processed by OPD, whether electronically or in hard copy, relating to clients, employees, contractors, partners, and other stakeholders.

4. Data Protection Principles

OPD adheres to the following principles when processing personal data:

  • Lawfulness, fairness, and transparency: Data is processed lawfully, and individuals are informed about how their data is used.

  • Purpose limitation: Data is collected for specified, explicit, and legitimate purposes.

  • Data minimisation: Only data necessary for the intended purpose is collected.

  • Accuracy: Data is kept accurate and up to date.

  • Storage limitation: Data is retained only as long as necessary.

  • Integrity and confidentiality: Data is processed securely, protecting against unauthorised access, loss, or damage.

  • Accountability: OPD takes responsibility for and can demonstrate compliance with these principles.

5. Legal Bases for Processing

OPD processes personal data based on one or more of the following lawful bases:

  • Consent

  • Contractual necessity

  • Legal obligation

  • Legitimate interests

  • Vital interests

  • Public task (where applicable)

6. Individual Rights

Individuals have the following rights regarding their data:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure (“right to be forgotten”)

  • Right to restrict processing

  • Right to data portability

  • Right to object

  • Rights about automated decision-making and profiling

Requests related to these rights can be made by contacting us at:
📧 info@outsourcedirectors.com
📞 +44 208 145 3355

7. Data Security

OPD implements appropriate technical and organisational measures to ensure data security, including:

  • Secure transmission of data via encryption

  • Controlled access to systems and files

  • Regular data security audits

  • Staff training on data protection

  • Use of secure cloud storage and backup protocols

See our [Security Policy] for more details.

8. Data Sharing and Transfers

Personal data may be shared with third parties or service providers under strict data processing agreements. International data transfers will comply with the UK GDPR, including adequacy decisions or the use of appropriate safeguards, such as Standard Contractual Clauses.

9. Data Breaches

OPD has a robust process for managing data breaches. In the event of a breach, the Information Commissioner’s Office (ICO) will be notified as required, and affected individuals will be informed without undue delay.

10. Retention and Disposal

Personal data is retained in line with our Data Retention Policy. Once data is no longer required, it is securely deleted or destroyed.

11. Training and Awareness

All staff and relevant stakeholders receive regular training on data protection principles, practices, and their responsibilities.

12. Contact and Complaints

For queries or complaints about how OPD handles your data, please contact:

Data Protection Officer
Outsourcing Professional Directors (OPD) Limited
Suite 322B, Ability House
121 Brooker Road
Waltham Abbey, EN9 1JH
United Kingdom
📧 info@outsourcedirectors.com
📞 +44 208 145 3355

You also have the right to complain to the Information Commissioner’s Office (ICO): www.ico.org.uk

13. Review

This policy will be reviewed annually or as required to reflect changes in legislation or OPD’s operations.

Approved by: Sarah Santeng
Position: Chief Executive Director

Date: August 202