Data Protection Policy

Version: 1.0
Effective Date: 21 September 2025
Last Reviewed: 21 September 2025

1. Purpose
This policy sets out Targeted Technology Solutions, Inc.’s commitment to protecting personal data under UK GDPR and the Data Protection Act 2018.

2. Scope
Covers all personal data processed by the company, whether staff, contractors, customers, or website visitors.

3. Data Protection Principles
We adhere to:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability

4. Roles & Responsibilities
- Data Controller: Targeted Technology Solutions, Inc
- Data Protection Officer: [If applicable]
- All employees are responsible for compliance

5. Lawful Basis for Processing
Defined by type: consent, contract, legal obligation, legitimate interests

6. Consent Management
How consent is obtained, recorded, managed, and withdrawn

7. Data Subject Rights
Procedure for access, correction, erasure, objection, portability

8. Data Security
- Access controls
- Encryption and secure storage
- Staff training & confidentiality
- Incident management

9. Data Retention
Data is retained only as long as necessary and securely deleted thereafter.

10. Third-Party Processing
Oversight and contracts with processors. International transfers protected.

11. Monitoring & Review
Regular audits and updates to policy as laws or operations change.