An Introduction to GDPR and How To Prepare
|
|
- Gladys Gallagher
- 5 years ago
- Views:
Transcription
1 An Introduction to GDPR and How To Prepare Vincenzo Ardilio IRIS Data Protection Officer
2 What We Will Highlight What you need to know first about GDPR Privacy notices Data subject rights The data controller/processor relationship Summary of key changes: o Data protection by design and default o Data protection officer o What reporting breaches
3 What You Need to Know First The General Data Protection Regulation (GDPR) is replacing the Data Protection Act 1998 from 25 May 2018 Risk of very high fines of up to 20m/4% annual t/o and reputational damage if anything goes wrong It s all about accountability and being able to demonstrate it
4 Will It Really Happen? Timelines - UK remains part of EU for two years after triggering Article 50 UK heavily involved in creation of GDPR and committed to it - HMG has published UK Data Protection Bill Any replacement UK data protection law will probably be GDPR under a different name
5 What Does Data Protection Apply To? Personal data Anonymised data Pseudonymised data
6 Potential HR risk areas Recruitment process Employment screening Monitoring IT usage Monitoring employee use of company vehicles Article 29 Working Party Opinion Data Processing at Work Time and attendance Disclosures to third parties International transfers
7 Data Protection Fundamentals Data protection principles Article 5 Individual rights Articles 12-23
8 The 6 Data Protection Principles A B C D E F Lawfulness, fairness and transparency Purpose limitation Data minimisation Accuracy Storage limitation Integrity and confidentiality Controller is responsible for complying with these and must be able to demonstrate compliance
9 Privacy Notices You need to tell people a lot more about what you do with their personal data than you did under the data protection act it s all about transparency Privacy explanations must be easy to understand: concise, transparent, intelligible and easily accessible, using clear and plain language Explain any unexpected use of your client s data by you and your sub contractors ( data processors ) The ICO has a code of practice, Privacy notices, transparency and control a code of practice on communicating privacy information to individuals
10 Privacy Notices (2) Pharmacy2U privacy notice (extract) Occasionally we make details available to companies whose products or services we think may interest our customers. If you do not wish to receive such offers please login to your account and change the setting to indicate NO for Selected company data sharing Customers mostly elderly Information sold included various medical conditions Selling 20,000 customer details to lottery company and health supplements supplier Fined 130k for unfair processing
11 Data Subject Rights There are 10 rights you need to know about Fines up to 4% annual turnover or 20m for rights failures Subject access requests need to be dealt with quicker (within one month) and free of charge Electronic data should be provided in a common format (right to data portability) Individuals can ask for personal data to be: - rectified, - deleted, - Use-restricted, and can object to its use
12 Controller/Processor Service providers (processors) will have new obligations Controllers must carry out due diligence on the processors and make sure contract in place New requirements for the content of data controller/processor contracts (see Article 28) Controllers must inform clients of non obvious data processor activities Shared responsibility for security Personal data breaches
13 Data Protection act GDPR Real Impact iris.co.uk Summary of Key Changes Data protection by design and default No formal requirement Explicit requirement A challenge to evidence compliance - Will impact project management processes
14 Data Protection act GDPR Real Impact iris.co.uk Summary of Key Changes (2) Data protection officer No statutory requirement discretionary Role not defined Statutory requirement for public authorities and some other organisations Some organisations will need to designate a data protection officer Defined role
15 Reporting Breaches Your responsibilities: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed; Must be reported to Regulator no later than 72 hours from discovery if likely to result in a risk to rights and freedoms Must inform affected individuals when the breach is likely to result in a high risk to their rights and freedoms
16 Summary So Far GDPR or its equivalent under UK law is happening Huge risks for non compliance reputational and financial Great commercial benefits for getting it right Crucial to comply with the data protection principles and handle your clients rights correctly
17 What are IRIS doing? 1. Appointment of Data Protection Officer in June GDPR included on our corporate risk register 3. Governance framework 4. Documenting all current processes and data flows 5. Carrying out a detailed gap analysis 6. Conducting risk assessments
18 Our Advice Raise GDPR at board level, include it on your risk register Appoint a data protection lead consider whether you need to appoint a DPO Get training and awareness underway in your business Make sure your organisation understands what it is doing with personal data Review your privacy notices do they give enough information? Are they clear and concise? Do you need to get more information from your service providers? If you rely on consent, review your mechanisms for obtaining it and your record-keeping in that area Health-check your relationships/contracts with your service providers/data processors Ensure you have a procedure for reporting breaches and that staff know about it
19 Thank You Next: Andy Nichols The Pension Regulator Managing the Auto Enrolment Re-enrolment Journey
Getting ready for the new data protection laws A guide for small businesses, charities and voluntary organisations
Getting ready for the new data protection laws A guide for small businesses, charities and voluntary organisations Page 1 of 22 Your business and the new data protection laws Data protection and privacy
More informationWhat does the GDPR mean for recruitment?
What does the GDPR mean for recruitment? www.recruitment.software Contents 04 What is GDPR? In May 2018, Europe s new data protection rules will come into effect. 04 Who is responsible? 05 What are the
More informationA PRACTICAL GUIDE FOR HOW AN ADVERTISER CAN PREPARE FOR GDPR JANUARY 2018
A PRACTICAL GUIDE FOR HOW AN ADVERTISER CAN PREPARE FOR GDPR JANUARY 2018 1 PURPOSE OF THIS DOCUMENT 2 This document is to be used as a guide for advertisers on how they should work with their agencies,
More informationGeneral Data Protection Regulation (GDPR) Key considerations and implications for brokers
General Data Protection Regulation () Key and implications for brokers Contents at at 03 - did you know? 05 How to handle 07 Considerations for Broker Directors 08 General Data Protection Regulation ()
More informationGDPR in Early Years and Childcare settings. What s the connection? Data Protection
GDPR in Early Years and Childcare settings What s the connection? Data Protection What is GDPR? Test your knowledge 10 minute quiz Think of GDPR as evolutionary, not revolutionary Why? GDPR legislation
More informationCHECKLIST FOR TASKS NEEDED IN ORDER TO COMPLY WITH GDPR. Legal02# v1[RXD02]
CHECKLIST FOR TASKS NEEDED IN ORDER TO COMPLY WITH GDPR Legal02#67236978v1[RXD02] CHECKLIST FOR TASKS NEEDED IN ORDER TO COMPLY WITH GDPR Notes: We recommend that any business looking to comply with the
More informationScottish Charity Number SC Dingwall Baptist Church DATA PROTECTION POLICY
Dingwall Baptist Church DATA PROTECTION POLICY Adopted: By Trustees Dingwall Baptist Church May 2018 1 Dingwall Baptist Church is committed to protecting all information that we handle about people we
More informationTimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents
Company Name: Document DP3 Topic: ( the Company ) Data Protection Policy Data Protection Date: April 2018 Version: 001 Contents Introduction Definitions Data processing under the Data Protection Laws 1.
More informationData Protection Policy
Data Protection Policy General Data Protection Regulations (GDPR) Document control Version control / history Note: This policy requires to be reviewed at least annually from the publication of the last
More informationEARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY
EARLS HALL BAPTIST CHURCH DATA PROTECTION POLICY Adopted: 5 June 2018 1 Earls Hall Baptist Church is committed to protecting all information that we handle about people we support and work with, and to
More informationDATA PROTECTION POLICY 2018
DATA PROTECTION POLICY 2018 Amesbury Baptist Church is committed to protecting all information that we handle about people we support and work with, and to respecting people s rights around how their information
More informationData Protection Policy. UK Policy May 2018
UK Policy May 2018 5 & 7 Diamond Court, Opal Drive, Eastlake Park, Fox Milne, Milton Keynes MK15 0DU, T: 01908 396250, F: 01908 396251 www.cognitaschools.co.uk Registered in England Cognita Limited No
More informationGENERAL DATA PROTECTION REGULATION.
For the use of mortgage intermediaries and other professionals only. GENERAL DATA HALIFAX INTERMEDIARIES KEY CHANGES GUIDE MAY 2018 REGULATION >SELECT A TILE FOR MORE INFORMATION WHAT IS THE GDPR? KEY
More informationPreparing for the GDPR
Preparing for the GDPR Note: These slides and the accompanying presentation contain a general summary and are not legal advice. Niall Rooney 03/11/2017 (1) Data Protection The Right to Data Protection
More informationGeneral Personal Data Protection Policy
General Personal Data Protection Policy Contents 1. Scope, Purpose and Users...4 2. Reference Documents...4 3. Definitions...5 4. Basic Principles Regarding Personal Data Processing...6 4.1 Lawfulness,
More informationBaptist Union of Scotland DATA PROTECTION POLICY
Baptist Union of Scotland DATA PROTECTION POLICY Adopted: May 2018 1 1.The Baptist Union of Scotland 48, Speirs Wharf, Glasgow G4 9TH (Charity Registration SC004960) is committed to protecting all information
More informationPREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER
PREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER 1 What will the GDPR mean for your business/organisation? On the 25 th May 2018,
More informationGeneral Data Protection Regulation (GDPR) A brief guide
General Data Protection Regulation (GDPR) A brief guide Document compiled by: Terence Clark & Dr. Nathan Matthews June 2017 Acknowledgements This document contains material from the Information Commissioner
More informationData Protection Policy
Data Protection Policy This policy will be reviewed by the Trust Board three yearly or amended if there are any changes in legislation before that time. Date of last review: Autumn 2018 Date of next review:
More informationSection a What this Policy is for Policy Statement. 2. Why this policy is important... 3
Norwich Central Baptist Church DATA PROTECTION POLICY Adopted: May.2018 Norwich Central Baptist Church (NCBC) is committed to protecting all information that we handle about people we support and work
More informationSAFFRON WALDEN COMMUNITY CHURCH DATA PROTECTION POLICY. Adopted: [ ]
SAFFRON WALDEN COMMUNITY CHURCH DATA PROTECTION POLICY Adopted: [17-04-2018] 1 SAFFRON WALDEN COMMUNITY CHURCH is committed to protecting all information that we handle about people we support and work
More informationRSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )
RSD Technology Limited - Data protection policy: Introduction Company Name: Document DP3 Topic: RSD Technology Limited ( the Company ) Data Protection Policy Data protection Date: 25 th May 2018 Version:
More informationGeneral Data Protection Regulation ( GDPR ) National Care Forum How Boards Manage GDPR Compliance & Risks. By Meena Lekhi, Associate
General Data Protection Regulation ( GDPR ) National Care Forum How Boards Manage GDPR Compliance & Risks By Meena Lekhi, Associate Agenda Background What are the risks? GDPR checklist Steps for trustees
More informationData Protection Policy
Reference: Date Approved: April 2015 Approving Body: Board of Trustees Implementation Date: August 2015 Supersedes: 2.0 Stakeholder groups Governance Committee, Board of Trustees consulted: Target Audience:
More informationNEW LIFE BAPTIST CHURCH NORTHALLERTON DATA PROTECTION POLICY. Adopted: 20 June 2018 To be reviewed: June 2021
NEW LIFE BAPTIST CHURCH NORTHALLERTON DATA PROTECTION POLICY Adopted: 20 June 2018 To be reviewed: June 2021 NEW LIFE BAPTIST CHURCH, NORTHALLERTON (referred to in this policy as NLBC) is committed to
More informationGENERAL DATA PROTECTION REGULATION Guidance Notes
GENERAL DATA PROTECTION REGULATION Guidance Notes What is the GDPR? Currently, the law on data protection requiring the handling of data which identifies people to be done in a fair way, is contained in
More informationGDPR is coming in 108 days: Are you ready?
Charles-Albert Helleputte Partner, Brussels GDPR is coming in 108 days: Are you ready? Diletta De Cicco Legal Consultant, Brussels 6 February 2018 +32 2 551 5982 chelleputte@mayerbrown.com +32 2 551 5974
More informationGDPR Impacts on Digital Transformation
GDPR Impacts on Digital Transformation @leanandagile @engage_process @leanandagile @engage_process Is this another millennium bug? GDPR compliance will be an ongoing journey Unlike planning for the Y2K
More informationData Protection Policy
Data Protection Policy Reviewed by: Reviewed when Resources Committee As required Date written and last reviewed July 2018 Source and date of model policy, if applicable n/a Contents 1. Aims... 2 2. Legislation
More informationGDPR is just around the corner. What does it mean for you?
GDPR is just around the corner What does it mean for you? Your guide to the GDPR The General Data Protection Regulation (or the GDPR for short) is a piece of EU regulation that comes into force on 25 May
More informationData Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents
Company Name: Document: Topic: System People ( the Company ) Data Protection Policy Data protection Date: 28/4/2018 Version: 1 Contents Introduction Definitions Data processing under the Data Protection
More informationGDPR readiness for start-ups, technology businesses and professional practices Martin Cassey
www.nascenta.com GDPR readiness for start-ups, technology businesses and professional practices Martin Cassey Introduction GDPR Key Points GDPR/DPA Differences Start Up, Tech Business Professional Practice?
More informationWHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION
WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) Published by: The
More informationNew General Data Protection Regulation - an introduction
New General Data Protection Regulation - an introduction Netnod spring meeting 2017 Johan Hübner, Partner, Advokat Erika Hammar, Associate Agenda Background Why you need to care about the new data privacy
More informationGDPR for Employers DUBLIN / BELFAST / LONDON / NEW YORK / SAN FRANCISCO / PALO ALTO
GDPR for Employers DUBLIN / BELFAST / LONDON / NEW YORK / SAN FRANCISCO / PALO ALTO 1 Consent Things you need to know about consent and the processing of employees data The EU General Data Protection Regulation
More informationLEICESTER HIGH SCHOOL DATA PROTECTION POLICY
LEICESTER HIGH SCHOOL DATA PROTECTION POLICY 1. Background Data protection is an important legal compliance issue for Leicester High School. During the course of the School's activities it collects, stores
More informationGDPR AN OVERVIEW OF THE REGULATIONS AND THEIR LIKELY IMPACT ON APPRENTICESHIPS
GDPR AN OVERVIEW OF THE REGULATIONS AND THEIR LIKELY IMPACT ON APPRENTICESHIPS March 2018 Rebecca Rhodes, Senior Associate, UVAC r.rhodes@bolton.ac.uk Agenda Aim and purpose Scope & implications for non-compliance
More informationCHANNING SCHOOL DATA PROTECTION POLICY
CHANNING SCHOOL DATA PROTECTION POLICY The School may amend/change/update this Policy from time to time. 1. Background Data protection is an important legal compliance issue for Channing School. During
More informationUK Research and Innovation (UKRI) Data Protection Policy
UK Research and Innovation (UKRI) Data Protection Policy Document Information Revision History Version Comment Date By 0.1 Draft Policy created July 2017 DH 0.2 Revision post review by information manager
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Operational Owner: Executive Owner: James Newby Data Protection Officer Sarah Litchfield Senior Information Risk Officer Effective date: 25 th May 2018 Review date: May 2021 Related
More informationGDPR Podbriefing Audio Transcript
GDPR Podbriefing Audio Transcript Title Hello my name is Geraldine Swanton, and I m a legal director with Shakespeare Martineau in their education team, and I m here today to talk to you about data protection.
More informationGDPR: What Every MSP Needs to Know
Robert J. Scott GDPR: What Every MSP Needs to Know Speaker Robert J. Scott Agenda Purpose GDPR Intent & Obligations Applicability Subject-matter and objectives Material scope Territorial scope New Rights
More informationEU GENERAL DATA PROTECTION REGULATION
EU GENERAL DATA PROTECTION REGULATION GENERAL INFORMATION DOCUMENT This resource aims to provide a general factsheet to Asia Pacific Privacy Authorities (APPA) members, in order to understand the basic
More informationDATA PROTECTION POLICY VERSION 1.0
VERSION 1.0 1 Department of Education and Skills Last updated 21 May 2018 Table of Contents 1. Introduction... 4 2. Scope & purpose... 4 3. Responsibility for this policy... 5 4. Data protection principles...
More informationMore information at cventconnect.com/europe/mobileapp
Download and Login to the Cvent CONNECT Europe Mobile Event App Tap On Schedule Find Your Session Access Polls and Live Q&A More information at cventconnect.com/europe/mobileapp Cvent CONNECT Europe General
More informationGeneral Data Protection Regulation (GDPR) Frequently Asked Questions
General Data Protection Regulation (GDPR) Frequently Asked Questions 26 March 2018 0 Contents Introduction... 3 What is GDPR?... 3 Who does the GDPR apply to?... 3 Are tax advisers data controllers or
More informationNissa Consultancy Ltd Data Protection Policy
Nissa Consultancy Ltd Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments (DPIA)
More informationPensions Authority Data Protection Considerations for Trustees of Occupational Pension Schemes
Pensions Authority Data Protection Considerations for Trustees of Occupational Pension Schemes 1 INTRODUCTION The General Data Protection Regulation (GDPR) comes into force in all EU Member States on 25.
More informationData Protection Policy Approved by: COG Approved: 9 August 2017 Review date: August 2019 Version: Statement of Intent
Data Protection Policy Approved by: COG Approved: 9 August 2017 Review date: August 2019 Version: 4 1. Statement of Intent 1.1 Radian 1 must collect, store and process information about its customers,
More informationGDPR. Legalities, Policies and Process Part 3 of our series on GDPR and its impact on the recruitment industry
GDPR Legalities, Policies and Process Part 3 of our series on GDPR and its impact on the recruitment industry Who are we? Dillistone Group Plc, a public company listed on the AIM market of the London stock
More informationKEMBLE PRIMARY & SIDDINGTON CE PRIMARY SCHOOLS DATA PROTECTION & THE GENERAL DATA PROTECTION REGULATION (GDPR) POLICY
KEMBLE PRIMARY & SIDDINGTON CE PRIMARY SCHOOLS DATA PROTECTION & THE GENERAL DATA PROTECTION REGULATION (GDPR) POLICY Member of staff responsible Head teacher Governor responsible Chair of LGB & DPO Date
More informationThe ICT Service:
GDPR for schools 1 Intro and aims The ICT Service: support@theictservice.org.uk, 0300 300 00 00 Cambridgeshire County Council: Information and Records Team. Data.protection@cambridgeshire.gov.uk 01223
More informationSCHOOLS DATA PROTECTION POLICY. Guidance Notes for Schools
SCHOOLS DATA PROTECTION POLICY Guidance Notes for Schools Please read this policy carefully and ensure that all spaces highlighted in the document are completed prior to publication. Please ensure that
More informationIntroduction to the General Data Protection Regulation (GDPR)
Introduction to the General Data Protection Regulation (GDPR) #CIPR / @CIPR_UK This guide is worth 5 CPD points Introduction to the General Data Protection Regulation (GDPR) / 2 Contents 1 Introduction
More informationData Breach Notification Policy
Data Breach Notification Policy Agreed: At SMT 27 June 2018 To be reviewed May 2019 CONTENTS 1. SCOPE AND PURPOSE... 3 2. ACCOUNTABILITY... 3 3. DEFINITIONS... 3 4. WHAT IS A PERSONAL DATA BREACH... 4
More informationGDPR in schools and academies. Dai Durbridge, Partner Browne Jacobson LLP
GDPR in schools and academies Dai Durbridge, Partner Browne Jacobson LLP Welcome Partner in the Education team at Browne Jacobson Lead the Manchester Education team Expert information management lawyers
More informationData Breach Policy and Procedure
Data Breach Policy and Procedure Every care is taken by the college to protect personal data from situations where a data protection breach could compromise security. This policy and procedure applies
More informationGeneral Data Protection Regulation. What should community energy organisations be doing to prepare?
General Data Protection Regulation What should community energy organisations be doing to prepare? The implementation date of 25 May 2018 for the General Data Protection Regulation (GDPR) is fast approaching.
More informationData Protection Policy
Data Protection Policy Version Date Revision Author Summary of Changes 1.0 21 st May 2018 Ashleigh Morrow EXECUTIVE STATEMENT At CASTLEREAGH NURSERY SCHOOL (the School ), we believe privacy is important.
More informationTHE GENERAL DATA PROTECTION REGULATION (GDPR) A GUIDE FOR CONGREGATIONS
THE GENERAL DATA PROTECTION REGULATION (GDPR) A GUIDE FOR CONGREGATIONS INTRODUCTION The present rules governing how organisations should handle, or process, personal data are set out in the Data Protection
More informationBrasenose College Data Protection Policy Statement v1.2
Brasenose College Data Protection Policy Statement v1.2 1. Introduction All documents referred to in this policy can be found online at the address below: https://www.bnc.ox.ac.uk/privacypolicies 1.1 Background
More informationTraining Manual. DATA PROTECTION ACT 2018 (DPA18) Incorporating General Data Protection Regulations (GDPR) Data Protection Officer is Mike Bandurak
PROFESSIONAL INDEPENDENT ADVISERS LTD DATA PROTECTION ACT 2018 (DPA18) Incorporating General Data Protection Regulations (GDPR) Training Manual Data Protection Officer is Mike Bandurak GDPR introduction
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Document Control History Title Data Protection Policy Version no. 1.0 Date of publication May 2018 Author(s) Amanda Cramb, HR Manager Next review date May 2021 Page 1 Introduction
More informationGDPR Checklist. O - Organisation. P - Processing. T - Technology. I - Information. N - Next OVERVIEW. Your Personal Data
OPTIN checklist OVERVIEW 1 GDPR Checklist This checklist sets out activities you will need to consider and act on by the compliance deadline of 25th May 2018. Use this to help you identify what support
More informationFunctional area. F Hallinan, C Abad, W Andrews Approver (s) Version 001 Effective date 25 May Privacy Notice for Emergency Contacts
The Charter Schools Educational Trust Privacy Notice for Emergency contacts GDPR compliant (Article 14 contact details given by someone other than the data subject) Contents: The personal data we hold
More informationGetting ready for GDPR. A guide to General Data Protection Regulations
Getting ready for GDPR A guide to General Data Protection Regulations The General Data Protection Regulation (GDPR) Wherever information is stored, individuals and organisations need to be mindful of the
More informationSample Data Management Policy Structure
Sample Data Management Policy Structure This document has been produced by The Audience Agency. You are free to edit and use this document in your business. You may not use this document for commercial
More informationBROOKS PERSONAL TRAINING
BROOKS PERSONAL TRAINING Data Protection Policy Data Protection Policy Lent 2017 0 DATA PROTECTION POLICY Table of Contents: 1. Document Control... 2 2. Introduction... 3 3. General Statement of Scope...
More informationNCVO recruitment & GDPR applying for a job with us
NCVO recruitment & GDPR applying for a job with us NCVO is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently.
More informationGDPR POLICY. This policy complies with the requirements set out in the GDPR, which will come into effect on
GDPR POLICY Sponsors Statement All The Bishop of Winchester Academy policies exist to support the Sponsors vision, Christian ethos and values that are embedded in the day-to-day and long term running of
More informationGDPR data protection Privacy Notice (Recruitment)
Policy GDPR data protection (employment) GDPR data protection Privacy Notice (Recruitment) Manual creator, editor & Owner: Carl Burton (Compliance Manager, DPO) Date of issue: May 2018 Review Period: Annually
More informationGetting ready for the new UK data protection law Eight practical steps for micro business owners and sole traders
Getting ready for the new UK data protection law Eight practical steps for micro business owners and sole traders 1 Know the law is changing which you now do, so that s one thing you ve done already! 5
More informationUK SCHOOL TRIPS PRIVACY POLICY
UK SCHOOL TRIPS PRIVACY POLICY Introduction Welcome to the UK School Trips privacy notice. UK School Trips respects your privacy and is committed to protecting your personal data. This privacy notice will
More informationData Protection Policy
Preston and District Data Protection Policy The University of the Third Age Scope of the policy This policy applies to the work of Preston & District U3A (hereafter the U3A ). The policy sets out the requirements
More informationThe Sage quick start guide for businesses
General Data Protection Regulation (GDPR): The Sage quick start guide for businesses Contents Introduction 3 Infographic: GDPR at a Glance 4 The basics 5 The GDPR in summary 5 Individual rights and informing
More informationGeneral Data Protection Regulation. The changes in data protection law and what this means for your church.
General Data Protection Regulation The changes in data protection law and what this means for your church. 1 Contents Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 18 Page 20 Page 23
More informationThe GDPR: What does it mean for executive search?
The GDPR: What does it mean for executive search? At Invenias, we are committed to working in partnership with our customers to ensure a streamlined journey to compliance. Our customers benefit from data
More informationPolicy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent
Policy Document for: Data Protection (GDPR) Approved by Directors: September 2017 Due for Review: September 2020 1. Statement of intent Timu Academy Trust is required to keep and process certain information
More informationWe have prepared a general privacy notice covering all subject data and including use of our website at
Privacy Notice Elliott Scott HR Recruitment is aware of its obligations in Europe to comply with General Data Protection Regulation (GDPR) and is committed to processing personal data securely and transparently.
More informationPOLICY. Data Breach Notification Policy. Version Version 1.0. Equality Impact Assessment Status. Date approved 23 rd May 2018
POLICY Document Title Data Breach Notification Policy Version Version 1.0 Equality Impact Assessment Status TBC Approved by Senior Management Team Date approved 23 rd May 2018 Effective date 25 th May
More informationRECRUITMENT PRIVACY NOTICE
SCOPE OF PRIVACY NOTICE RECRUITMENT PRIVACY NOTICE 1. Like most businesses, we hold and process a wide range of information, some of which relates to individuals who are applying to work for us. This notice
More informationA Practical Guide to Data Protection for Information Professionals
A Practical Guide to Data Protection for Information Professionals Naomi Korn and Carol Tullo on behalf of NKCC NKCC 2018. All Rights Reserved. www.naomikorn.com The information contained within this document
More informationRe: Implementation of the General Data Protection Regulation (GDPR)
Re: Implementation of the General Data Protection Regulation (GDPR) Dear Provider The purpose of this letter is to alert you to important changes arising from the General Data Protection Regulation which
More informationGDPR General Data Protection Regulation
GDPR General Data Protection Regulation Compliance Information Guide - May 2018 About this document Ticket Arena & Event Genius Disclaimer DISCLAIMER: This is a brief presentation for information purposes
More informationThe General Data Protection Regulation and associated legislation. Part 1: Guidance for Community Pharmacy. Version 1: 25th March 2018
The General Data Protection Regulation and associated legislation Part 1: Version 1: 25th March 2018 Introduction The General Data Protection Regulation and, when enacted, the Data Protection Act 2018
More informationIntroduction. Welcome to the OAG Aviation Group privacy notice.
Introduction Welcome to the OAG Aviation Group privacy notice. The OAG Aviation Group respects your privacy and is committed to protecting your personal data. This privacy notice aims to give you information
More informationPREPARING FOR THE GENERAL DATA PROTECTION REGULATION. SELF-ASSESSMENT QUESTIONNAIRE Data Controllers
PREPARING FOR THE GENERAL DATA PROTECTION REGULATION SELF-ASSESSMENT QUESTIONNAIRE Data Controllers 1. The current data protection legislation the Data Protection (Bailiwick of Guernsey) Law, 2001 and
More informationGDPR journey: from ready to compliant GDPR survey results
GDPR journey: from ready to compliant GDPR survey results Readiness at a glance The General Data Protection Regulation (or GDPR ) took full effect on 25 May 2018. As a key data protection regulation,
More informationWhile every organisation is different, we believe the following guidance will help you understand what GDPR is and how you can start to comply.
Introduction While every organisation is different, we believe the following guidance will help you understand what GDPR is and how you can start to comply. This guidance is split into two main parts Part
More informationTradeTracker: Preparing for GDPR
TradeTracker: Preparing for GDPR At TradeTracker, privacy and data protection is important to us. The new General Data Protection Regulation (GDPR) is set to significantly change the data protection landscape
More informationDATA BREACH NOTIFICATION POLICY. Last Updated: Review Date:
DATA BREACH NOTIFICATION POLICY Last Updated: Review Date: 38T 38T Data Breach Notification policy TABLE OF CONTENTS 1. OVERVIEW... 2 2. ABOUT THIS POLICY... 2 3. SCOPE... 2 4. DEFINITIONS... 2 5. WHAT
More informationThe Growth Company Group Privacy Notice
The Growth Company Group Privacy Notice Version May 2018 INTRODUCTION Welcome to The Growth Company s privacy notice. We recognise the importance of the privacy and the security of your personal information
More informationAgenda. What is the GDPR? Who does GDPR apply to? Implications of Non-Compliance The Road to GDPR Compliance
Agenda What is the GDPR? Who does GDPR apply to? Implications of Non-Compliance The Road to GDPR Compliance What is the GDPR? The General Data Protection Regulation(GDPR) is a European-wide regulation
More informationwith Xavier Darmstaedter Managing Partner GEDAPRE DACOTA Consulting
with Xavier Darmstaedter Managing Partner GEDAPRE DACOTA Consulting xada@gedapre.eu tel 0475-41.03.22 xavier.darmstaedter@dacota.eu Gent, 3 October 2017 4 facts 1. We are not really in control of our personal
More informationGet ready. A Guide to the General Data Protection Regulation (GDPR) elavon.ie
Get ready A Guide to the General Data Protection Regulation (GDPR) elavon.ie The General Data Protection Regulation (GDPR) will regulate the privacy and handling of the personal data of individuals in
More informationGenera Data Protection Regulation and the Public Sector
Genera Data Protection Regulation and the Public Sector Tuesday 30 May 2017 @mhclawyers Welcome Edward Gleeson Partner & Head of Public & Administrative Law Mason Hayes & Curran GDPR for Public Bodies
More informationSelf-Assessment Questionnaire Controllers
Preparing for The Data Protection (Bailiwick of Guernsey) Law, 2017 Self-Assessment Questionnaire Controllers 1. The current data protection legislation the Data Protection (Bailiwick of Guernsey) Law,
More informationP Drive_GDPR_Data Protection Policy_May18_V1. Skills Direct Ltd ( the Company ) Data protection. Date: 21 st May Version: Version 1.
Company Name: Document DP3 Topic: Skills Direct Ltd ( the Company ) Data Protection Policy Data protection Date: 21 st May 2018 Version: Version 1 Contents Introduction Definitions Data processing under
More informationGeneral Data Protection Regulation
General Data Protection Regulation Caroline Budde Vice President, Compliance, Global Privacy Officer Walgreens Boots Alliance Agenda Overview of global data protection The General Data Protection Regulation
More information