General Data Protection Policy (GDPR)

Bespoke Marketing (BM) is committed fully to compliance with the requirements of the Data Protection Act 1998. The 1998 Act applies to all organisations that process data to their employees, as well as to others e.g. customers and clients. It sets out principles, which should be followed by those who process data; it gives rights to those whose data is being processed. To this end, BM endorses fully and adheres to the eight principles of data protection, as set out in the DPA.

1. Data must be processed fairly and lawfully.
2. Data must only be obtained for specified and lawful purposes.
3. Data must be adequate, relevant and not excessive.
4. Data must be accurate and up to date.
5. Data must not be kept for longer than necessary.
6. Data must be processed in accordance with the “data subject’s” (the individual’s) rights.
7. Data must be securely kept.
8. Data must not be transferred to any other country without adequate protection in place.

Currently we do not share data with any 3rd parties.
Data may be shared with contractors working on projects with or managed by BM for a client. In this case an NDA will be signed if required and the above rules will apply.