top of page
Screenshot 2026-03-04 at 20.32.38.png

“Your workforce. Your direction. Our expertise.” - 20 years Experience.

Data Protection Policy Statement

Introduction
Velma Group Ltd is committed to protecting the privacy and security of personal information. We recognise the importance of safeguarding personal data and ensuring that it is processed lawfully, fairly and transparently.
This Data Protection Policy Statement outlines our commitment to handling personal data responsibly and in accordance with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We ensure that all personal data collected, processed and stored by our organisation is handled with the highest level of care and security.
Our Commitment
We are committed to maintaining strong data protection practices across all areas of our business. This includes ensuring that personal data is:

  • Processed lawfully, fairly and transparently

  • Collected for specific, explicit and legitimate purposes

  • Adequate, relevant and limited to what is necessary

  • Accurate and kept up to date

  • Stored securely and protected from unauthorised access

  • Retained only for as long as necessary

  • Processed in a way that ensures appropriate security and confidentiality

Our policies and procedures are designed to ensure that personal data is managed responsibly at every stage of its lifecycle.
Scope of the Policy
This policy applies to all personal data processed by Velma Group Ltd, including information relating to:

  • Clients and business partners

  • Workers and employees

  • Contractors and suppliers

  • Website users and individuals who contact us

The policy covers all forms of personal data, whether stored electronically, on paper or through other systems.
Responsibilities
Velma Group Ltd takes overall responsibility for ensuring compliance with data protection laws.
All employees, contractors and third parties who process personal data on behalf of the company are expected to:

  • Handle personal data responsibly and securely

  • Follow internal data protection procedures

  • Ensure confidentiality when handling personal information

  • Report any potential data breaches or security concerns immediately

Appropriate training and guidance are provided to ensure that individuals understand their responsibilities when processing personal data.
Data Security
We implement appropriate technical and organisational measures to safeguard personal data from loss, misuse, unauthorised access or disclosure.
These measures may include:

  • Secure digital systems and encrypted platforms

  • Controlled access to personal information

  • Secure document storage and management

  • Regular system monitoring and updates

Our systems and processes are regularly reviewed to ensure that data security standards remain effective and up to date.
Data Sharing
Personal data will only be shared with third parties where it is necessary to deliver our services or where required by law.
Where third parties process personal data on our behalf, we ensure that appropriate safeguards and contractual agreements are in place to protect that data.
We will not sell or distribute personal information to third parties for marketing purposes.
Data Retention
Personal data will only be retained for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, regulatory or contractual requirements.
When personal data is no longer required, it will be securely deleted or destroyed in accordance with our data retention procedures.
Individual Rights
Individuals whose personal data we process have rights under data protection legislation. These rights include:

  • The right to access personal data

  • The right to request correction of inaccurate information

  • The right to request deletion of personal data where appropriate

  • The right to restrict or object to certain types of processing

  • The right to request the transfer of personal data to another organisation

Requests relating to personal data will be handled promptly and in accordance with applicable legal requirements.
Data Breaches
In the event of a personal data breach, we have procedures in place to investigate and respond appropriately.
Where required, breaches will be reported to the Information Commissioner’s Office (ICO) and affected individuals in accordance with legal obligations.
Policy Review
This Data Protection Policy Statement will be reviewed periodically to ensure it remains aligned with current legislation and best practice in data protection.
Contact Information
For any questions regarding this policy or our data protection practices, please contact:
Velma Group Ltd
Suite 1, 262 Cowley Road, Oxford, England, OX4 1UH
velmagroup@outlook.com
Individuals also have the right to raise concerns with the Information Commissioner’s Office (ICO) if they believe their personal data has been handled improperly.

bottom of page