We take reasonable steps to protect any personal information that we hold from misuse, interference and loss and from unauthorised access, alteration and disclosure. For example, we implement security measures such as security procedures for access to our business premises and within our offices, as well as IT security procedures including password protection, firewalls and other site monitoring procedures.
However, data protection measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to protect your personal information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law. We may need to retain records containing personal information to comply with record keeping obligations, and for other legitimate business purposes (such as quality assurance).