Data Protection and Privacy Policy

INTRODUCTION

SKG Consulting and Services (hereinafter referred to as SKG) is committed to protecting the privacy and confidentiality of personal data collected or processed during its business operations. This document outlines the principles and practices that govern the collection, use, and disclosure of personal data by SKG in accordance with the Data Protection Act 2023 (Guyana).

SCOPE

This policy applies to all employees, contractors, vendors, and third parties who collect, use or process personal data on behalf of SKG. It is also applicable to all personal data collected from clients, partners, and other individuals. 


PERSONAL INFORMATION COLLECTION

We may collect personal information, such as name, address, date of birth, email, phone number, National ID, TIN, employment details, educational background and case-related information from clients, employees and stakeholders. We may also collect sensitive personal data (criminal record information for background checks, health or biometric data where legally necessary, racial and ethnic origin if required for employment law compliance, trade union membership if closed or required for legal proceedings and trade union membership if disclosed or required for legal proceedings We collect personal information through various channels, such as our website, email, and in-person interactions. We may also collect personal information from third-party sources, such as service providers and business partners.


USE OF PERSONAL INFORMATION 

The company will only use personal data for the purposes for which it was collected or as otherwise permitted by the Guyana Data Protection Act 2003. Personal data may be used for, but not limited to, the following purposes:

  • Providing services requested by individuals;

  • Communicating with individuals about services or other business-related matters;

  • Conducting market research, analytics, and improving business operations;

  • Managing and administering employee or contractor relationships;

  • Complying with legal or regulatory requirements; and

  • Protecting the rights and interests of the SKG or its clients.


HOW DO WE COLLECT DATA?

Data is collected for our clients through the following methods 

  • Direct interactions (forms, emails, calls, in-person consultations)

  • Client onboarding and service delivery processes

  • Employment or HR processes

  • Third-party sources such as background check agencies, regulatory bodies, or your employer (if services are employer-provided)

WHY DO WE COLLECT AND USE YOUR DATA? 

We only process your data where there is a lawful basis, including:

  • Contractual necessity – to provide legal or HR services;

  • Legal obligations – compliance with employment, tax, AML, and other regulations;

  • Legitimate interests – where it is necessary for our operational needs and does not override your rights; and

  • Consent – where required, especially for marketing or processing special category data.


SHARING YOUR INFORMATION 

SKG may share personal data with third parties for legitimate business purposes, including but not limited to courts, tribunals, regulators, law enforcement, registries, governmental agencies (where legally required), service providers, vendors, contractors, and business partners. Personal data may also be disclosed to comply with legal requirements or in response to lawful requests from public authorities. The business will take all appropriate measures to ensure that third parties receiving personal data are bound by confidentiality obligations and provide adequate protection to the personal data.


DATA TRANSFERS OUTSIDE GUYANA 

We only transfer data outside Guyana where:

  • The receiving country offers adequate protection (as defined under the Act)

  • You have given your explicit consent 

  • There are contractual safeguards in place (e.g., Standard Contractual Clauses)


HOW LONG DO WE KEEP YOUR DATA?

We retain personal data only as long as necessary for the purpose for which it was collected, or as required by law. 

Examples:

  • Legal client files: up to 7 years

  • Employee data: up to 6 years after employment ends

  • Financial and AML records: up to 7 years

After this period, the data is securely deleted or destroyed.


HOW WE PROTECT YOUR DATA

We implement appropriate technical and organisational measures, including:

  • Secure servers and firewalls

  • Encrypted communications and backups

  • Role-based access controls

  • Regular employee training

  • Physical security at office locations

  • Secure disposal of physical and electronic data


CHANGES TO THIS POLICY

We reserve the right to update this Privacy Policy at any time. The most recent version will always be accessible on our website or upon request. Significant changes will be communicated directly where appropriate. 


YOUR DATA RIGHTS UNDER THE LAW  

Under the Data Protection Act of 2023, you have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate or incomplete data

  • Request deletion of your data (“right to be forgotten”)

  • Object to or restrict the processing of your data

  • Withdraw consent (where processing is based on consent)

  • Request a copy of your data in a portable format

  • Lodge a complaint with the Data Protection Commissioner of Guyana


CONTACT INFORMATION

If you have any questions, concerns, or would like to exercise your data rights, please contact:

Operations Manager - Legal and Administrative Support 

info@skgandservicesinc.com

592-502-8011

Document Version: 1.0

Effective Date: 31st day of October, 2025