EMOTIONAL SUPPORT ANIMALS UK

Empowering Lives with Unconditional Support
Your Partner in ESA Registration and Rights
"Compassion, comfort, connection"

DATA PROTECTION POLICY - EMOTIONAL SUPPORT ANIMAL REGISTRY UK

At ESA, we are committed to protecting the privacy and confidentiality of personal data entrusted to us. This Data Protection Policy outlines how we handle personal data, particularly concerning medical information, in accordance with applicable data protection laws.

1. **Scope and Application**
This policy applies to all personal data collected, processed, and stored by ESA.

2. **Data Collection and Use**
- We collect personal data, including contact information and medical documentation, solely for the purpose of registering emotional support animals (ESAs).
- Medical data provided to us is used only to verify eligibility for ESA registration. Once verified, medical data is promptly deleted from our systems.
- We do not use personal data for any other purpose without explicit consent from the individual.

3. **Data Security**
- We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.
- Access to personal data is restricted to authorized personnel on a need-to-know basis.

4. **Data Retention**
- Medical data provided for ESA registration purposes is retained only for the duration necessary to verify eligibility. Once verified, medical data is securely deleted from our systems.
- We do not retain any medical data beyond the verification process.

5. **Third-Party Disclosure**
- We do not disclose personal data to third parties unless required by law or with explicit consent from the individual.
- Any third-party service providers that we engage with are carefully selected and required to adhere to data protection standards.

6. **Individual Rights**
- Individuals have the right to access, correct, or request deletion of their personal data held by ESA.
- Requests to exercise these rights should be submitted in writing to our Data Protection Officer.

7. **Data Breach Response**
- In the event of a data breach involving personal data, we will promptly assess the situation, take appropriate measures to mitigate the impact, and notify affected individuals and relevant authorities as required by law.

8. **Policy Review**
- This Data Protection Policy is regularly reviewed and updated to ensure compliance with applicable data protection laws and best practices.

If you have any questions or concerns about our data protection practices, please contact our Data Protection Officer at out site contact page.

Date of last review: 01.01.2023.