Acorus is committed to maintaining control of personal and confidential commercial information at all times. Acorus operates an information management system to manage and monitor information security, whether held in electronic, paper or other medium.
Personal information is managed in compliance with the EU General Data Protection Regulation (GDPR) and any other relevant legal requirement.
Acorus will keep personal information confidential except where disclosure is required by law. Such information will be retained for as long as Acorus considers necessary or the law requires, whichever is longer. Acorus will not sell, rent or lease email addresses or other personal information to third parties.
Client confidential commercial information
Confidentiality is covered in Acorus’ standard contractual terms and conditions. A link to the relevant website page is provided below:
The terms and conditions state that Acorus will treat as confidential all trade secrets and confidential information received from the client concerning the client or its business. Where correspondence with the client is via the internet, email or other electronic media, Acorus will take reasonable steps to safeguard the security of information transmitted but will not accept liability for its security and confidentiality beyond these steps.
Suppliers and sub-contractors
The protection of confidential information is covered in standard arrangements for the provision of supplies or sub-contracted services. This normally includes provision of relevant Privacy Notices to Acorus by the supplier or sub-contractor.
We only collect identifiable information that is specifically and voluntarily provided by a visitor to our website, for example in making an inquiry about Acorus’ services. Any personal data supplied to Acorus will be used solely for the purpose indicated on the web page requesting the information.
Data breaches and complaints
Data breaches and privacy related violations of this policy discovered by Acorus will be investigated. Acorus will maintain a Register of Data Breaches and notify the Information Commissioner’s Office in the event of a serious violation of the GDPR.
Complaints from clients and third parties will be managed in accordance with Acorus’ Complaints Handling Procedure, a link to which is provided below:
If you would like to have further information or have any concerns about how we use your information and you do not feel able to discuss it with us, please refer to the Information Commissioner.