At TrustPoint Governance we are committed to protecting personal data and to fair and transparent processing. 

As part of the corporate governance services provided by TrustPoint Governance, personal data may be stored and processed. This is generally undertaken as a data processor, and our clients are data controllers.

Personal data may be used to provide services to our clients. All personal data is stored in the UK, electronically and is password protected. General personal data is retained for 6 years, and personal data arising from board and shareholder meetings is retained for 10 years from the date of the meeting (as per the requirements of the Companies Act 2006).

We rely on several lawful bases of processing when personal data is collected and used, in order to operate the business and provide services to clients. These include: contract (in order to person our contractual obligations with individuals); consent (where an individual has freely given consent at the time the personal data was provided to us); legitimate interests (of ours, our clients or other third parties as we must collect certain personal information to enable us to provide our services).

Data subjects wishing to exercise rights under the GDPR should contact us at tom@trustpointgovernance.com. Such rights are subject to any exemptions to be applied where personal data has been collected and/or processed to meet a legal requirement.

Last updated January 2025.