GDPR and Data Protection Policy
The Institute of Sales Professionals (ISP) is committed to conducting its business in accordance with all applicable Data Protection laws and regulations and in line with the highest standards of ethical conduct.
This policy details expected behaviours of ISP’s Employees and Third Parties in relation to the collection, use, retention, transfer, disclosure and destruction of any Personal Data belonging to ISP’s Customers and Staff (i.e., the Data Subject) and irrespective of the media used to store the information.
Personal Data is any information (including opinions and intentions) which relates to an identified or Identifiable Natural Person. Personal Data is subject to certain legal safeguards and other regulations, which impose restrictions on how organisations may process Personal Data.
An organisation that handles personal data and makes decisions about its use is known as a Data Controller. ISP, as a Data Controller, is responsible for ensuring compliance with the Data Protection requirements outlined in this policy.
Non-compliance may expose ISP to complaints, regulatory action, fines and/or reputational damage. ISP’s leadership is fully committed to ensuring continued and effective implementation of this policy and expects all ISP Employees and Third Parties to share in this commitment.
Any breach of this policy will be taken seriously and may result in disciplinary action or business sanction.