We are aware of the changes to data protection law under GDPR and how it will impact the business.

Plans are in place for an information audit under the requirements prescribed by the GDPR.

The company has initiated a project to be GDPR compliant.

A training programme is in place for all relevant staff to be aware of GDPR requirements.

The company take name and contact data only. Financial transactions are handled by Sagepay.

The privacy policy is available.

Procedures and policies are in place to comply with the data subject’s rights.