Record Retention and Protection Policy

Last updated: 24/05/2018

1. INTRODUCTION

Wordbank Marketing Ltd (“the Company”) collects and processes a great deal of data in order to conduct everyday operations.

When it comes to retaining and protecting data relating to individuals, there are some key legal requirements with which the Company needs to comply. The purpose of this statement is to set out how the Company meets these requirements and to ensure that every individual who provides data to the Company understands how it is stored, protected and for how long it is retained.

This policy should be viewed alongside the:

The Record Retention and Protection Policy is one element of how the Company fulfils the obligations under the General Data Protection Regulation 2016 (“GDPR”).

2. GENERAL PRINCIPLES

The Company has some clear requirements when it comes to the protection and retention of personal data. These are:

The Company must retain the data that is needed in order to comply with legal, regulatory and contractual requirements
The Company must not hold data for longer than is necessary
The Company must ensure that only people who have a genuine need to see the data are able to access it
The Company must protect the data held so as to ensure it remains confidential and that the treatment of the data does not breach the privacy rights of individuals
The Company must be able to retrieve data in line with business requirements and in line with the requirements of the Data Subject Access Request Procedure

3. RECORD TYPES AND GUIDELINES

Below you will find details of the Company’s approach to record retention and protection in relation to the data held.

We store your data in a variety of ways. Below you can find out how we ensure all these methods are protected.

STORAGE METHOD	HOW IS IT PROTECTED
New client form	Stored on Wordbank’s secure network
Source files provided by client	Credential-only access to proprietary workflow system, only accessible inside Wordbank’s secure network.
Localized files	Credential-only access to proprietary workflow system, only accessible inside Wordbank’s secure network.
Prospect log	Stored on Wordbank’s secure network
Financial management software	Credential-only access from Wordbank-specific internal systems
Mailing list and survey software	Credential-only access
Proprietary workflow system	Credential-only access to proprietary workflow system, only accessible inside Wordbank’s secure network.

In the table below, you can see the data we hold, which of the above methods we use to store it, the retention period and the reason for this.

DATA ITEM	HOW IS IT STORED?	RETENTION PERIOD	REASON FOR RETENTION PERIOD
Name and company address	o New client formo Proprietary workflow system o Financial management software	Indefinitely	We will always need to have a history of our clients and completed project metadata for strategy, reporting and analysis.
Telephone number	o New client formo Proprietary workflow system	Indefinitely
Company email address	o New client formo Proprietary workflow system o Financial management software
Content including personally identifiable information contained in text for localization	o Source and final files		We do not destroy completed projects. They are put on a secure archive server after 1 year and only deleted by request of our clients.
Prospect client name & email address	o Prospect log	Duration of campaign – e.g. 4 months/3-mail sequence.	Once we establish if there is a business requirement for Wordbank’s services, we convert prospect data to client data (see above) or delete it.

4. RECORD DESTRUCTION

Once records have reached the end of their life in accordance with the Record Retention Policy, the Company will securely destroy them. Paper records will be shredded and electronic records will be deleted from all media (servers, hard drives, cloud-based systems etc.).

5. RECORD REVIEW

The Company will review the approach taken to record retention and protection on a regular basis with the aim of the review being to:

Ensure that the retention periods continue to balance the Company’s legal obligations with the rights of data subjects
That the Company is adhering to the agreed approach to record retention and destruction
That the way in which data is stored allows it to be retrieved in a timely fashion

6. CONCERNS AND QUESTIONS

GDPR is new legislation and its interpretation will evolve over time. The Company will continue to adopt best endeavours to ensure ongoing compliance. However, if you have concerns about any of the actions that are being taken, or are unclear as to how the Company is complying with specific elements of the legislation, please contact the COO via data_support@wordbank.com. We will then investigate the matter and respond to you within 28 days.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-for-gtm	11 months	Imported Cookie
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
Necessary	1 year
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.