Data Protection Policy

JumpData Ltd. Co. number 08241266

Date: 20th September 2019

Revision: 0.9

Author: Jason Baird

Responsible Person: Dr.Paul Brown, Managing Director, Jump Data Ltd.





The client may provide us with personal data which they have collected from their customers. For the purpose of this policy, the client is the Data Controller.



We may take data provided by the client and process it, as part of providing the service. We are the Data Processor.


The Service

The service is defined as any data manipulation and analysis, or software development we provide for the client.


Our Compliance with the Seven GDPR Principles


Lawfulness, fairness and transparency

We are obtaining the data for lawful purposes (to provide the client with the service).

We are being provided with the data in a fair way, the client has engaged us in order to provide a data processing service.

We are transparently processing this data on behalf of the client, as described below.


Purpose and Limitations

We are processing the data in order to provide the client with the service.

We will not use this data for any other purpose.

We will not disclose this data to any other entity.


Data Minimisation

We will process only the data required to provide the client with the service.



We will ensure that the data, provided back to the client as part of the service, is an accurate representation of the data provided by the client.


Storage Limitation

We will store the data for only long enough as to provide the service to the client.

Upon providing the service to the client, the data container (Microsoft Access database) will be archived and retained securely for 12 months, after which time it will be permanently deleted.

The client can request that we delete the data container at any time after we have supplied it to the client.



We will securely store any data supplied by or back to the client.

We will provide access to a secure, password-protected, FTP (SFTP) site for transfer of data between us and the client.

We will use GDPR compliant storage devices when storing the data on our IT equipment.



We will ensure all our staff handling data from the client, are trained in their responsibilities in terms of executing this policy.

We will ensure all our staff are aware of their duty of confidentiality, with regard to any data supplied by the client.


End of Policy