In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and the relevant Regulator(s) such as the ICO of a suspected data security breach where we are legally required to do so.
Where you have a username and password (or other identification information) which enables you to access certain services or BCS portals, it is your responsibility to keep this information secure. Please do not share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure and although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to the BCS website; any transmission is at your own risk. Once we have received your personal data, we will use strict protocols and security features to try to prevent unauthorised access.
Data held in our backup systems is beyond use and cannot be accessed by any staff member apart from certain members of the IT Department. We will not use the data in the back-up systems for any purpose and will only hold the data until it is replaced in line with the established schedule. Personal data will remain on the back up servers until they are deleted after 90 days.