Dolly Party Delight Events Ltd
  1. DATA PROTECTION POLICY

1. Introduction

Dolly Party Delight Events Ltd, established in 2012, is a premier event planning and management company committed to creating exceptional event experiences. Our services include weddings, corporate galas, birthday celebrations, proposals, and baby christenings. This policy outlines how we protect and manage personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Purpose

This Data Protection Policy ensures that Dolly Party Delight Events Ltd:

            •           Processes personal data lawfully, fairly, and transparently.

            •           Protects the rights and privacy of individuals.

            •           Safeguards personal data from unauthorized access, loss, or misuse.

            •           Complies with applicable data protection laws and regulations.

3. Scope

This policy applies to all employees, contractors, and third parties handling personal data on behalf of Dolly Party Delight Events Ltd. It covers all personal data processed by the company, including data from clients, employees, suppliers, and event attendees.

4. Definitions

            •           Personal Data: Any information that identifies an individual, such as name, contact details, or payment information.

            •           Processing: Any operation performed on personal data, such as collection, storage, use, or deletion.

            •           Data Subject: The individual whose personal data is being processed.

            •           Data Controller: Dolly Party Delight Events Ltd, responsible for determining the purpose and means of data processing.

            •           Data Processor: A third party that processes data on behalf of the Data Controller.

5. Data Protection Principles

Dolly Party Delight Events Ltd adheres to the following principles:

            •           Lawfulness, Fairness, and Transparency: Data is processed lawfully, fairly, and in a transparent manner.

            •           Purpose Limitation: Data is collected for specified, legitimate purposes and not used for incompatible purposes.

            •           Data Minimization: Only data that is necessary for the intended purpose is collected.

            •           Accuracy: Data is kept accurate and up to date.

            •           Storage Limitation: Data is retained only as long as necessary.

            •           Integrity and Confidentiality: Data is processed securely to protect against unauthorized access or loss.

6. Responsibilities

            •           Managing Director: Has overall responsibility for data protection compliance.

            •           Data Protection Officer (DPO): Oversees the implementation of this policy and acts as a point of contact for data protection issues.

            •           Employees and Contractors: Must comply with this policy and report any data breaches or risks to the DPO.

7. Data Collection and Use

Dolly Party Delight Events Ltd collects personal data for:

            •           Event planning and management.

            •           Communication with clients and stakeholders.

            •           Processing payments and contracts.

            •           Marketing and promotional activities (with consent).

8. Data Subject Rights

Individuals have the following rights under the UK GDPR:

            •           Access: Request access to their personal data.

            •           Rectification: Request corrections to inaccurate data.

            •           Erasure: Request deletion of their data (“right to be forgotten”).

            •           Restriction: Restrict processing under certain conditions.

            •           Portability: Request transfer of their data to another organization.

            •           Objection: Object to processing based on legitimate interests or direct marketing.

Requests can be made by contacting the Data Protection Officer at info@dollypartydelighteventsltd.com.

9. Data Security

Dolly Party Delight Events Ltd implements appropriate technical and organizational measures to protect personal data, including:

            •           Secure storage systems with access controls.

            •           Regular data security audits and risk assessments.

            •           Encryption of sensitive data during transmission.

            •           Training for employees on data protection practices.

10. Third-Party Processors

Dolly Party Delight Events Ltd ensures that all third-party processors comply with data protection laws through:

            •           Data processing agreements outlining their responsibilities.

            •           Regular reviews of their compliance.

11. Data Breach Management

In the event of a data breach:

            •           The Data Protection Officer will assess the breach and take immediate action to mitigate risks.

            •           If the breach poses a high risk to individuals, affected parties will be notified.

            •           Significant breaches will be reported to the Information Commissioner’s Office (ICO) within 72 hours.

12. Retention and Disposal

Personal data is retained only for as long as necessary for the purpose it was collected. When no longer required, data is securely deleted or destroyed.

13. Monitoring and Review

This policy will be reviewed annually to ensure compliance with legal requirements and best practices.

14. Approval

This Data Protection Policy is approved and endorsed by the Managing Director of Dolly Party Delight Events Ltd.

Signed:

[Managing Director’s Name]

Managing Director

Date: [Date]

For inquiries or concerns regarding this policy, please contact:

Dolly Party Delight Events Ltd

208 Kingstanding Road, Birmingham, B44 8JP

Phone: +44 7456 944195, +44 7853 062139

Email: info@dollypartydelighteventsltd.com