top of page

Data Protection Policy

Studio Connect is committed to responsibly collecting, managing, safeguarding, and protecting personal and sensitive information of our clients, employees, and stakeholders. 

​​​

Procedures and Controls
 
Collection of Personal and Sensitive Information

  • Collect personal information lawfully, fairly, transparently, and only to the extent necessary for our business activities.

  • Clearly inform individuals of the purpose, usage, storage, and sharing practices at the point of data collection.

  • Obtain explicit consent for collection and processing, especially for sensitive information.

 
Storage and Security

  • Store personal information securely with robust cybersecurity controls, including secure passwords, and access management protocols.

  • Limit access to personal and sensitive information strictly to authorised personnel on a need-to-know basis.

  • Regularly review and update security systems to maintain compliance with evolving security standards.

 
Data Usage

  • Personal information will only be used for the specific purpose for which it was collected unless explicit consent is obtained for any other use.

  • Ensure regular training and awareness programs for all employees handling personal data.

 
Data Accuracy and Maintenance

  • Regularly review and update personal information to maintain accuracy and completeness.

  • Facilitate prompt correction or deletion of inaccurate or outdated personal data upon request.

 

Data Retention and Disposal

  • Retain personal information only as long as necessary for the purpose it was collected or as required by law.

  • Securely dispose of personal data when no longer required.

 
Reporting of Data Breaches

  • Establish a clear procedure for rapid response to suspected or confirmed data breaches, ensuring compliance with the Australian Notifiable Data Breach Scheme.

  • Immediately assess and contain any breach, minimise potential harm, and mitigate further risks.

  • Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) promptly as required by law.

  • Document all breaches comprehensively, including actions taken and measures implemented to prevent future incidents.

 
Accountability and Review

  • Regularly audit privacy procedures and controls to ensure ongoing compliance and effectiveness.

  • Provide clear channels for inquiries and complaints related to personal data handling, privacy concerns, and breaches.

bottom of page