Purpose
To clarify the DTR policy on the collection and processing of personal data from customers, suppliers, and staff.
Principles
· DTR values the trust placed in us and uses personal data fairly and responsibly.
· We provide clear information about data usage.
· DTR is transparent regarding data collection, processing, sharing, and points of contact for concerns.
· We take reasonable steps to protect data from misuse and ensure security.
· DTR complies with all relevant data protection laws and cooperates with authorities.
Types of Personal Information Processed
· Personal and contact details (title, name, contact history)
· Company information (address, phone, email)
· Date of birth, gender, home address, GP details
· Records of contact via phone, email, or online
· Sensitive data (clinical information, medical reports)
Data Concerns
A Data Administrator (DA) is appointed to coordinate data issues. Contact the DA during working hours by phone or email.
Data Retention
· Personal information is retained as long as necessary for business needs and legal requirements.
· Sensitive data is retained for seven years, or longer if requested by customers.
Data Protection Rights
· Right to be informed about data processing
· Right to correct inaccurate or incomplete data
· Right to object to processing
· Right to restrict processing
· Right to erasure (“right to be forgotten”)
· Right to access personal data at any time
· Right to data portability
Consent
Explicit consent is required for processing all types of personal and sensitive data. By consenting to this policy, you permit DTR to process your data for the purposes outlined.
Disclosure
DTR does not share personal information with third parties. To request removal of your data after completion of services, please contact the DA in writing at: Dreams to Realities, Rothesay House, First Floor, 134 Douglas Street, Glasgow G2 4HF.