Data Protection Policy

Data Protection Policy

Last Updated: 05/04/2025

This Data Protection Policy sets out how Fidelis Plus Ltd (“we”, “us”, “our”) ensures the proper handling, protection, and security of personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. About Us

Fidelis Plus Ltd
Company No: 16295218
Registered Office: 71–75 Shelton Street, London, WC2H 9JQ
Email: [email protected]

2. Our Commitment

We are committed to protecting the privacy, confidentiality, and integrity of all personal data we process—whether that relates to our customers, employees, suppliers, or website visitors. We ensure that data is processed lawfully, fairly, and transparently.

3. Legal Basis for Processing

We only process personal data where a legal basis applies under UK GDPR, including:

  • Consent
  • Contractual necessity
  • Legal obligation
  • Vital interests
  • Legitimate interests (provided your rights do not override ours)

4. Types of Data We Process

We may collect and process the following types of personal data:

  • Contact details (e.g. name, email, phone number)
  • Business information (e.g. company name, job title)
  • Technical data (e.g. IP address, browser type)
  • Communications (e.g. email correspondence, call logs)
  • Marketing preferences and consent status

5. Data Protection Principles

We adhere to the principles of data protection set out in the UK GDPR. Personal data shall be:

  • Processed lawfully, fairly, and transparently
  • Collected for specified, explicit, and legitimate purposes
  • Adequate, relevant, and limited to what is necessary
  • Accurate and kept up to date
  • Kept no longer than necessary
  • Processed securely with appropriate safeguards

6. Data Security

We implement appropriate technical and organisational security measures to protect personal data from loss, misuse, or unauthorised access. These include:

  • Encryption and access control
  • Secure data storage and backups
  • Firewalls and intrusion prevention systems
  • Regular security audits and reviews

7. Data Subject Rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Request correction or deletion
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time (where applicable)

To exercise your rights, contact us at [email protected].

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory, and business requirements. Retention periods are reviewed regularly.

9. Third Parties and Data Processors

We may share data with trusted third-party service providers (e.g., hosting providers, communication platforms, CRM systems) under strict confidentiality and data processing agreements. All processors are required to meet our standards of security and data protection.

10. International Data Transfers

If data is transferred outside the UK, we ensure appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses (SCCs), or approved data transfer mechanisms.

11. Staff Responsibilities and Training

All employees and contractors handling personal data are required to understand and comply with this policy. Regular training and awareness sessions are provided to maintain high data protection standards.

12. Reporting Data Breaches

In the event of a personal data breach, we will assess the risk and notify the Information Commissioner’s Office (ICO) and affected individuals if required, in accordance with legal obligations.

13. Monitoring and Review

This policy is reviewed at least annually or following significant changes in legislation, business practices, or risk assessments.

14. Contact

If you have any questions or concerns about this policy or how your data is handled, please contact:

Fidelis Plus Ltd
71–75 Shelton Street, London, WC2H 9JQ
[email protected]