Privacy Policy

Data Privacy Policy

Principles for the secure use of personal data

1. Respect

VEHERE respects the privacy of beneficiaries and recognises that obtaining and processing their personal data represents a potential threat to that privacy

2. Protect By Design

VEHERE "protects by design" the personal data it obtains from beneficiaries either for its own use or for use by third parties it initiates or implements

3. Understand Data Flows And Risks

VEHERE analyses, documents and understands the flow of beneficiaries data it initiates or implements within its own organisation and between its organisation and others and develops risk mitigation strategies which might be required to address any risk arising from these flows

4. Quality And Accuracy

VEHERE ensures that accuracy of the personal data it collects, stores and uses, including by keeping information up to date, relevant and not excessive in relation to the purpose for which it is processed, and by not keeping data for longer than necessary

5. Obtain Consent Or Information Beneficiaries As To Use Of Their Data

At the point of data capture, beneficiaries are informed as to the nature of the data being collected, with whom it will be shared, who is responsible for the secure use of their data and be provided with the opportunity to question the use of the data and withdraw from the program should they not wish their personal data to be used for the purpose described

6. Security

VEHERE implements appropriate technical and operational security standards for each stage of the collection, use and transfer of beneficiary data to prevent unauthorised access, disclosure or loss and in particular any external threats that may be identified and actions are taken to mitigate any risks arising

7. Disposal

Principle: VEHERE does not hold beneficiary data for longer than is required unless we have clear, justifiable and documented reasons for doing so otherwise data geld by the organisation and any relevant third parties is destroyed

8. Accountability

VEHERE establishes a mechanism whereby a beneficiary can request information about what personal data an organisation holds about them, and mechanisms to receive and respond to any complaints or concerns beneficiaries may have about the use of their personal data