Altos Web Solutions, inc. – 5725 Bravo Ave, Reno, NV 89506 USA

EDDP, Electronic Data Disposal Policy

Table of Contents

EDDP - Electronic Data Disposal Policy

Introduction

Data Protection law defines ‘personal data’ as any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental economic, cultural or social identity of that natural person.

It is necessary to have such a policy to ensure that methods of data disposal meet the requirements of the Data Protection Act.

Additional care must be taken when disposing of sensitive personal data.

The policy is to be used where there is a risk that personal data that is no longer required could become accessible to a third-party if it is not disposed with appropriate care in record types (medical, financial, disciplinary etc.): it is only concerned with methods used for disposing of data. The retention schedule which deals with how long information should be held for can be found in The Records Management Policy.

In this policy must be detailed the steps for data disposal we were involved in preparing a valuable data disposal according to the scope and the type of organization and the type of stored personal data.

Digital based Disposal

Logical disposal method

we use to move from the online dvice to the offline device and to overwrite the bucktes wher the informationwere stored
In a short amuont of time any traces of the data will be not recunstructed anymore
The offline device will remain available for a certain amount of time but surely less then 6 months. After that period the device will be recycled and no traces of the original data will not be retrivable in any way

Manual or Paper-based Data Disposal

Personal data which is contained in manual or paper-based records re shredded manually.

Roles and Responsibilities

The Data Protection Officer (DPO) has overall responsibility for the operation of this policy and is responsible for ensuring that this policy is reviewed in line with operational and GDPR requirements.
Last Updated on July 29, 2024