Data Handling Policy

​

Effective Date: 1st July 2025

 

Last Updated: 21st July 2025

 

1. Introduction

​

At One Red Kite Limited, we understand the importance of responsible and ethical data handling practices. This Data Handling Policy outlines our commitment to safeguarding the privacy and security of personal and sensitive data entrusted to us. We adhere to all relevant data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR).

​

2. Scope

​

This policy applies to all employees, contractors, and third-party partners who have access to, process, or handle data on behalf of One Red Kite Limited. It covers the entire data lifecycle, from collection to disposal.

 

3. Data Collection

 

3.1. Purpose Limitation: We collect data only for legitimate and specified purposes, and we do not use it for any purpose incompatible with those purposes.

 

3.2. Consent: We obtain clear and informed consent when required for data collection. Individuals have the right to withdraw their consent at any time.

 

3.3. Minimization: We collect only the data necessary for the intended purpose, striving to keep it accurate and up-to-date.

 

4. Data Processing

 

4.1. Data Security: We implement appropriate technical and organizational measures to protect data against unauthorized access, disclosure, alteration, and destruction.

 

4.2. Data Retention: We retain data only for as long as necessary for the purposes for which it was collected. Data will be securely disposed of when no longer required.

 

4.3. Data Accuracy: We take reasonable steps to ensure that data is accurate, complete, and up-to-date. Individuals have the right to request corrections.

 

5. Data Sharing and Disclosure

 

5.1. Third-Party Partners: We share data with third-party partners only when necessary for the specified purposes and after ensuring that they comply with data protection standards.

 

5.2. Legal Requirements: We may disclose data when required by law or as part of a legal process.

 

6. Data Subject Rights

 

6.1. Access: Data subjects have the right to access their personal data held by us.

 

6.2. Rectification: Data subjects can request the correction of inaccurate or incomplete data.

 

6.3. Erasure: Data subjects have the right to request the deletion of their data under certain circumstances.

 

6.4. Data Portability: Upon request, we will provide data subjects with a copy of their data in a commonly used format.

 

6.5. Objection: Data subjects can object to the processing of their data for certain purposes.

 

7. Incident Response

 

In the event of a data breach or security incident, we will promptly assess and mitigate the breach, notify affected parties and relevant authorities as required by law, and take necessary steps to prevent future incidents.

 

8. Training and Awareness

 

We provide training and awareness programs for our employees and contractors to ensure they understand and adhere to this policy and relevant data protection laws.

 

9. Compliance and Accountability

 

We regularly review and update this policy to stay in compliance with applicable data protection laws. Our Data Protection Officer (DPO) is responsible for monitoring compliance and addressing data protection inquiries and concerns.

 

10. Contact Information

 

If you have any questions, concerns, or requests related to data handling, please contact our Data Protection Officer at

kevin.brocklebank@oneredkite.com.

 

11. Changes to this Policy

 

We may update this policy periodically to reflect changes in laws, regulations, or our data handling practices. The latest version will always be available on our website.

 

By choosing One Red Kite Limited, you entrust your data to a responsible and committed partner dedicated to protecting your privacy and ensuring the security of your information.

 

Kevin Brocklebank – Founder & Managing Director

 

One Red Kite Limited

 

www.oneredkite.com