General Data Protection Regulation (GDPR) 1. Background
|
|
- Delilah Matthews
- 6 years ago
- Views:
Transcription
1 General Data Prtectin Regulatin (GDPR) 1. Backgrund The GDPR will apply in the UK frm 25 May 2018 and when it cmes int frce will replace all the data prtectin legislatin including the UK s Data Prtectin Act f The gvernment has cnfirmed that the UK s decisin t leave the EU will nt affect the implementatin f the GDPR. The text has nw been finalised and the Infrmatin Cmmissiner s Office (ICO) is prviding guidance t firms thrughut 2017 t enable them t cmply frm May Much f the current DPA regulatin will remain hwever GDPR enhances sme f the regulatin and brings in new regulatin. These are set ut in the sectins belw. 2. Data Cntrllers and Data Prcessrs The GDPR applies t cntrllers and prcessrs. The definitins are bradly the same as under the DPA i.e. the cntrller says hw and why persnal data is prcessed and the prcessr acts n the cntrller s behalf. If yu are currently subject t the DPA, it is likely that yu will als be subject t the GDPR. If yu are a prcessr, the GDPR places specific legal bligatins n yu; fr example, yu are required t maintain recrds f persnal data and prcessing activities. Yu will have significantly mre legal liability if yu are respnsible fr a breach. These bligatins fr prcessrs are a new requirement under the GDPR. Hwever, if yu are a cntrller, yu are nt relieved f yur bligatins where a prcessr is invlved the GDPR places further bligatins n yu t ensure yur cntracts with prcessrs cmply with the GDPR. The GDPR applies t prcessing carried ut by rganisatins perating within the EU. It als applies t rganisatins utside the EU that ffer gds r services t individuals in the EU. The GDPR des nt apply t certain activities including prcessing cvered by the Law Enfrcement Directive, prcessing fr natinal security purpses and prcessing carried ut by individuals purely fr persnal/husehld activities. 3. Principles The data prtectin principles, as set ut in the DPA, remain but they have been cndensed int six as ppsed t eight principles. Article 5 f the GDPR states that persnal data must be: 1. Prcessed fairly, lawfully and in a transparent manner in relatin t the data subject. 1
2 2. Cllected fr specified, explicit and legitimate purpses and nt further prcessed fr ther purpses incmpatible with thse purpses. 3. Adequate, relevant and limited t what is necessary in relatin t the purpses fr which data is prcessed. 4. Accurate and, where necessary, kept up t date. 5. Kept in a frm that permits identificatin f data subjects fr n lnger than is necessary fr the purpses fr which the persnal data is prcessed. 6. Prcessed in a way that ensures apprpriate security f the persnal data including prtectin against unauthrised r unlawful prcessing and against accidental lss, destructin r damage, using apprpriate technical r rganisatinal measures. Firms will need t review data retentin prcesses including electrnic data. The ICO has yet t prvide full guidance n retentin f data recrds. Once full guidance has been prvided firms will need t review n line data retentin. Changes may need t be made t this s nly base data is kept which cannt be used t identify a custmer. Cnsent Like the DPA, the GDPR will require data cntrllers t have a legitimate reasn fr prcessing persnal data. If they rely n the cnsent f the data subject, they must be able t demnstrate that it was freely given, specific, infrmed and unambiguus fr each purpse fr which the data is being prcessed. Cnsent can be given by a written, including electrnic r ral statement. This culd include the data subject ticking a bx when visiting a website, chsing technical settings fr scial netwrk accunts r by any ther statement r cnduct which clearly indicates their acceptance f the prpsed prcessing f persnal data. Silence, pre-ticked bxes r inactivity will n lnger cnstitute cnsent. There will need t be a change regarding marketing preferences. The marketing preferences will need t be pt in bxes rather than pt ut and it is likely they will need t be made separate fr , scial media, pst, phne and text. Children The preamble t the GDPR states: Children deserve specific prtectin f their persnal data, as they may be less aware f risks, cnsequences, safeguards and their rights in relatin t the prcessing f persnal data. This cncerns especially the use f persnal data f children fr the purpses f marketing r creating persnality r user prfiles and the cllectin f child data when using services ffered directly t a child. Article 8 requires that where the persnal data f a child under 16 is being prcessed t prvide infrmatin sciety services (fr example, n-line businesses, scial netwrking sites, etc) cnsent must be btained frm the hlder f parental respnsibility fr the child. Member states are allwed t lwer this threshld where apprpriate but nt belw the age f 13 which the UK is likely t d. Firms need t review whether this applies t them. 2
3 4. Data subjects rights The list f rights that a data subject can exercise has been widened by sectin 2 f the GDPR. The GDPR prvides the fllwing rights fr individuals:- 1. The right t be infrmed; 2. The right f access; 3. The right t rectificatin; 4. The right t erasure; 5. The right t restrict prcessing; 6. The right t data prtability; 7. The right t bject; 8. Rights in relatin t autmated decisin making and prfiling. The subject access right, rectificatin and being able t bject t direct marketing remain. The right t have persnal data prcessed fr restricted purpses and the right t transfer data/have it transferred t anther data cntrller (data prtability) are new rights. In additin, article 17 intrduces a right t be frgtten, which means data subjects will be able t request that their persnal data is erased by the data cntrller and n lnger prcessed. This will be where the data is n lnger necessary in relatin t the purpses fr which it is prcessed, where data subjects have withdrawn their cnsent, where they bject t the prcessing f their data r where the prcessing des nt cmply with the GDPR. Hwever, the further retentin f such data will be lawful in sme cases where it is necessary fr cmpliance with a legal bligatin r fr reasns f public interest in the area f public health r fr the exercise r defence f legal claims. T strengthen the right t be frgtten nline, the GDPR requires that a data cntrller wh has made the persnal data public shuld infrm ther data cntrllers which are prcessing the data t erase any links t, r cpies r replicatins f, that data. Firms will need t review prcesses t ensure that they are able t delete data where the custmer requests it and meet the requirement where data has been shared r made public. 5. Accuntability and Gvernance The GDPR includes prvisins that prmte accuntability and gvernance. These cmplement the GDPR s transparency requirements. While the principles f accuntability and transparency have previusly been implicit requirements f data prtectin law, the GDPR s emphasis elevates their significance. 3
4 Yu are expected t put int place cmprehensive but prprtinate gvernance measures. Gd practice tls that the ICO has champined fr a lng time such as privacy impact assessments and privacy by design are nw legally required in certain circumstances. Ultimately, these measures shuld minimise the risk f breaches and uphld the prtectin f persnal data. Practically, this is likely t mean mre plicies and prcedures fr rganisatins, althugh many rganisatins will already have gd gvernance measures in place. Accuntability Principle The new accuntability principle in Article 5(2) requires yu t demnstrate that yu cmply with the principles and states explicitly that this is yur respnsibility. Firms must: Implement apprpriate technical and rganisatinal measures that ensure and demnstrate that they cmply. This may include internal data prtectin plicies such as staff training, internal audits f prcessing activities, and reviews f internal HR plicies. Maintain relevant dcumentatin n prcessing activities. Where apprpriate, appint a data prtectin fficer. Implement measures that meet the principles f data prtectin by design and data prtectin by default. Measures culd include: Data minimisatin; Pseudnymisatin; Transparency; Allwing individuals t mnitr prcessing; and Creating and imprving security features n an nging basis. Use data prtectin impact assessments where apprpriate. Recrds f prcessing activities (dcumentatin) As well as yur bligatin t prvide cmprehensive, clear and transparent privacy, if yur rganisatin has mre than 250 emplyees, yu must maintain additinal internal recrds f yur prcessing activities. If yur rganisatin has less than 250 emplyees yu are required t maintain recrds f activities related t higher risk prcessing, such as: prcessing persnal data that culd result in a risk t the rights and freedms f individual; r prcessing f special categries f data r criminal cnvictins and ffences. 4
5 Recrds that need t be kept Yu must maintain internal recrds f prcessing activities. Yu must recrd the fllwing infrmatin - there are sme similarities with registrable particulars under the DPA which must be ntified t the ICO. Name and details f yur rganisatin (and where applicable, f ther cntrllers, yur representative and data prtectin fficer); Purpses f the prcessing; Descriptin f the categries f individuals and categries f persnal data; Categries f recipients f persnal data; Details f transfers t third cuntries including dcumentatin f the transfer mechanism safeguards in place; Retentin schedules; Descriptin f technical and rganisatinal security measures. Yu may be required t make these recrds available t the relevant supervisry authrity fr purpses f an investigatin. Data prtectin by design Organisatins will be expected t include data prtectin cntrls at the design stage f new prjects invlving the prcessing f persnal data. Where they wish t prcess persnal data that pses ptentially high risks they will have t, prir t the prcessing, carry ut a data prtectin impact assessment. Data prtectin impact assessments (DPIAs) (als knwn as privacy impact assessments r PIAs) are a tl which can help rganisatins identify the mst effective way t cmply with their data prtectin bligatins and meet individuals expectatins f privacy. An effective DPIA will allw rganisatins t identify and fix prblems at an early stage, reducing the assciated csts and damage t reputatin which might therwise ccur. While nt a legal requirement under the DPA, the ICO has prmted the use f DPIAs as an integral part f taking a privacy by design apprach. Data prtectin fficer Sectin 4 f the regulatin intrduces a statutry rle f data prtectin fficer (DPO). Mst rganisatins handling persnal data, bth data cntrllers and data prcessrs, will require a DPO wh will have a key rle in ensuring cmpliance with the GDPR. A grup f undertakings may appint a single DPO prvided that s/he is easily accessible. Public bdies may als have a single DPO fr several such authrities r bdies, taking accunt f their rganisatinal structure and size. The DPO, wh can be a staff member r cntractr, shall be designated n the basis f prfessinal qualities and, in particular, knwledge f data prtectin law and practices, and the ability t fulfil the tasks referred t in article 37. These are:- 5
6 t infrm and advise the cntrller r the prcessr and the emplyees wh are prcessing persnal data f their bligatins pursuant t the GDPR; t mnitr cmpliance with the GDPR, including the assignment f respnsibilities, awareness-raising and training f staff invlved in the prcessing peratins, and the related audits; t prvide advice where requested as regards the data prtectin impact assessment and mnitr its perfrmance pursuant t article 33; t c-perate with the supervisry authrity (the ICO); and t act as the cntact pint fr the supervisry authrity n issues related t the prcessing f persnal data. Cdes f cnduct and certificatin mechanisms The GDPR endrses the use f apprved cdes f cnduct and certificatin mechanisms t demnstrate that yu cmply. The specific needs f micr, small and medium sized enterprises must be taken int accunt. Signing up t a cde f cnduct r certificatin scheme is nt bligatry. But if an apprved cde f cnduct r certificatin scheme that cvers yur prcessing activity becmes available, yu may wish t cnsider wrking twards it as a way f demnstrating that yu cmply. Adhering t cdes f cnduct and certificatin schemes brings a number f benefits ver and abve demnstrating that yu cmply. It can: imprve transparency and accuntability - enabling individuals t distinguish the rganisatins that meet the requirements f the law and they can trust with their persnal data; prvide mitigatin against enfrcement actin; and imprve standards by establishing best practice. When cntracting wrk t third parties, including prcessrs, yu may wish t cnsider whether they have signed up t cdes f cnduct r certificatin mechanisms. Review current prcess t ensure that it meets GDPR requirements. 6. Security breaches Under the current DPA, even in the mst serius data breaches, there is n requirement t infrm the ICO. Article 31 f the GDPR requires that, as sn as the rganisatin becmes aware a persnal data breach has ccurred, it shuld, withut undue delay and, where feasible, nt later than 72 hurs after becming aware f it, ntify the persnal data breach t the ICO, unless the rganisatin is able t demnstrate that the breach is unlikely t result in a risk fr the rights and freedms f individuals. Where this cannt be achieved within 72 hurs, an explanatin f the reasns fr the delay shuld accmpany the ntificatin t the ICO and infrmatin may be prvided in phases withut undue further delay. 6
7 Furthermre, data subjects shuld be ntified withut undue delay if the persnal data breach is likely t result in a high risk t their rights and freedms t allw them t take the necessary precautins. This ntificatin shuld describe the nature f the persnal data breach as well as recmmendatins fr the individual cncerned t mitigate ptential adverse effects. This shuld be dne as sn as reasnably feasible, and in clse cperatin with the ICO and respecting guidance prvided by it r ther relevant authrities (fr example, law enfrcement authrities). Firms will need t review current data breach prcesses t assess when a ntificatin t ICO is required. There will need t be a prcess in place t make the ntificatin within the 72 hur deadline. 7. Transfers f Data The GDPR impses restrictins n the transfer f persnal data utside the Eurpean Unin, t third cuntries r internatinal rganisatins, in rder t ensure that the level f prtectin f individuals affrded by the GDPR is nt undermined. 8. Fines Currently, the ICO can issue a mnetary penalty ntice f up t 500,000 fr serius breaches f the DPA. The GDPR intrduces much higher fines. Fr sme breaches f the GDPR, rganisatins can receive a fine f up t 4% f glbal annual turnver fr the preceding year (fr undertakings) r 20m. Fr ther breaches (fr example, failing t keep recrds r cmplying with security bligatins) the fine can be up t 10m r 2% f glbal annual turnver (fr undertakings). Brank Ltd prvides general insurance FCA cmpliance cnsultancy, supprt services, general management cnsultancy and prject management. Fr FCA wrk all advice given is based upn ur current understanding f the regulatins and the regulatrs nrmal practice as at the date f any reprt r recmmendatins. As regulatin is a dynamic prcess, any advice given must be reviewed frm time t time t ensure that it remains apprpriate and up t date. Current ht tpics include evaluatin f Cnduct Risk, implementatin f the Insurance Distributin Directive and effective cmplaints management. Please cntact us t discuss yur wn individual needs. 7
Data Protection Officer: David Parkes
Cmpany Name: Cmpany Cntact details: Unitemps De Mntfrt University ( the Cmpany ) Unitemps DMU 1st Flr, Campus Centre, De Mntfrt University, Leicester, LE1 9BH Telephne: 0116 207 8351 Data Prtectin Officer:
More informationData Protection Officer: Tracy Landon
Cmpany Name: Cmpany Cntact details: Unitemps Nttingham Trent University ( the Cmpany ) Unitemps NTU 50 Shakespeare Street, Nttingham Trent University Nttingham, NG1 4FQ Telephne: 0115 848 4740 Data Prtectin
More informationData Protection Officer: Phil Oakman
Cmpany Name: Cmpany Cntact details: Unitemps Nrthamptn ( the Cmpany ) Unitemps Nrthamptn Park Campus, Charles Bradlaugh Building, University f Nrthamptn Nrthamptn, NN2 7AL Telephne: 01604 892121 Data Prtectin
More informationOur Intent. We are committed to safeguarding the privacy of users to our website and we will only use the information we collect about you lawfully.
PRIVACY NOTICE LGfL GENERAL OVERVIEW Our Intent. We are cmmitted t safeguarding the privacy f users t ur website and we will nly use the infrmatin we cllect abut yu lawfully. Changes t Data Prtectin Legislatin.
More informationThe Data Processor. This eadmissions website is owned and operated by LGfL. The eadmissions support team can be contacted at:
PRIVACY POLICY LGfL eadmissins OVERVIEW Our Intent. We are cmmitted t safeguarding the privacy f users wh use the eadmissins website service and we will nly use the infrmatin we cllect abut yu lawfully.
More informationMersham Sports Club Flood Street, Mersham, Ashford, Kent, TN25 6NX
Mersham Sprts Club Fld Street, Mersham, Ashfrd, Kent, TN25 6NX www.mershamsprtsclub.cm PRIVACY NOTICE FOR VOLUNTEERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal
More informationNorth Hockey Umpiring Association (NHUA) PRIVACY NOTICE FOR OUR MEMBERS
Nrth Hckey Umpiring Assciatin (NHUA) PRIVACY NOTICE FOR OUR MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur
More informationPrivacy Notice. Read more. What information do we collect from you?
Privacy Ntice Fisher German is the trading name f Fisher German LLP. We are a limited liability partnership f chartered surveyrs, rural prperty cnsultants and land agents. We are cmmitted t prtecting and
More informationMersham Sports Club Flood Street, Mersham, Ashford, Kent, TN25 6NX
Mersham Sprts Club Fld Street, Mersham, Ashfrd, Kent, TN25 6NX www.mershamsprtsclub.cm PRIVACY NOTICE FOR OUR MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal
More informationReferences to we, our or us in this privacy notice are to The Joanne Banks Dancers, Studio 10, Durham Street, Spennymoor, Co.
The Janne Banks Dancers PRIVACY NOTICE FOR OUR CUSTOMERS AND PUPILS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur
More informationPenketh Panther Netball Club
Penketh Panther Netball Club PRIVACY NOTICE FOR OUR MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur membership
More informationSandra White MSP Data Protection Privacy Notice. This privacy notice explains how my office collects and uses personal information about individuals.
Sandra White MSP Data Prtectin Privacy Ntice This the Privacy Ntice f the ffice f Sandra White MSP. This privacy ntice explains hw my ffice cllects and uses persnal infrmatin abut individuals. My ffice
More informationWhat You Should Know About GDPR. What is the GDPR?
What Yu Shuld Knw Abut GDPR What is the GDPR? The Eurpean Unin s General Data Prtectin Regulatin ( GDPR), effective May 25, 2018, is a far-reaching regulatin applicable t rganizatins with Eurpean Ecnmic
More informationWhat You Should Know About GDPR. What is the GDPR?
What Yu Shuld Knw Abut GDPR What is the GDPR? The Eurpean Unin s General Data Prtectin Regulatin ( GDPR), effective May 25, 2018, is a far-reaching regulatin applicable t rganizatins with Eurpean Ecnmic
More informationCHIPPING SODBURY GOLF CLUB PRIVACY NOTICE FOR VOLUNTEERS
CHIPPING SODBURY GOLF CLUB PRIVACY NOTICE FOR VOLUNTEERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur relatinship
More information1 The types of personal information we collect
ICBC (LONDON) PLC NEW CANDIDATE PRIVACY NOTICE As part f ur recruitment prcess, the Industrial and Cmmercial Bank f China (ICBC) cllects and prcesses persnal data relating t jb applicants. The Bank is
More informationThe Grannies Cricket Club
The Grannies Cricket Club PRIVACY NOTICE FOR OUR MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur membership
More informationOPM RFC PRIVACY NOTICE
OPM RFC PRIVACY NOTICE Summary f hw we and the RFU use yur data OPM RFC uses yur persnal data t manage and administer yur membership and yur invlvement with its teams and club, and t keep in cntact with
More informationCHERRYTREE FARM CAMPING WEBSITE AND MARKETING PRIVACY NOTICE
CHERRYTREE FARM CAMPING WEBSITE AND MARKETING PRIVACY NOTICE INTRODUCTION Welcme t the Cherry Tree Farm Camping's privacy ntice. Cherry Tree Farm Camping respects yur privacy and is cmmitted t prtecting
More informationReferences to we, our or us in this privacy notice are to MIDLANDS NORDIC WALKING
Midlands Nrdic Walking PRIVACY NOTICE FOR OUR GROUP MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur membership
More informationHAMPSHIRE CRICKET BOARD LTD PRIVACY NOTICE
HAMPSHIRE CRICKET BOARD LTD PRIVACY NOTICE We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur invlvement with us. This
More informationLions Ski Club Privacy Policy (Version 1: 23/05/2018)
Lins Ski Club Privacy Plicy (Versin 1: 23/05/2018) Summary f hw Lins Ski Club use, share and stre yur data Lins Ski Club uses yur persnal data t manage and administer yur membership and yur invlvement
More informationGuidance on the Privacy and Electronic Communications (EC Directive) Regulations
Infrmatin Security Guidance Title: Status: Guidance n the Privacy and Electrnic Cmmunicatins (EC Directive) Regulatins Released 1. Purpse This guidance n the Privacy and Electrnic Cmmunicatins (EC Directive)
More informationPRIVACY NOTICE - STUDENTS
Page: 1 f 8 1. Scpe All student data subjects whse persnal data is cllected, in line with the requirements f the GDPR. 2. Respnsibilities 2.1 The Data Prtectin Officer / GDPR Owner is respnsible fr ensuring
More informationSt Albans Musical Theatre Company
St Albans Musical Theatre Cmpany ST ALBANS MUSICAL THEATRE COMPANY PRIVACY POLICY This ntice describes hw St Albans Musical Theatre Cmpany (als referred t as "SAMTC", "we", "us" r ur ), prcess yur persnal
More informationBANBURY UNITED COMMUNITY FOOTBALL CLUB LTD
BANBURY UNITED COMMUNITY FOOTBALL CLUB LTD PRIVACY NOTICE We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur membership
More informationPRIVACY NOTICE FOR IMPERIAL COLLEGE LONDON EVENTS
PRIVACY NOTICE FOR IMPERIAL COLLEGE LONDON EVENTS This Privacy Ntice (Ntice) explains hw Imperial Cllege Lndn (the Cllege, we, ur, us) prcesses yur persnal data when yu attend its events (including public
More informationPROCESSING NOTICE ALUMNI
PROCESSING NOTICE ALUMNI SUMMARY This summary is intended t cnvey essential infrmatin nly. Fr mre detailed infrmatin abut hw Ravensburne cllects, stres and prcesses yur persnal data can be fund in the
More informationAlumni and Supporters Privacy Notice
Alumni and Supprters Privacy Ntice Hw we use yur persnal data (fr alumni and supprters) The University regards the alumni service as an imprtant and integral part f the University's lng term cmmitment
More informationNORTHERN IRELAND JUDO FEDERATION PRIVACY NOTICE FOR VOLUNTEERS
NORTHERN IRELAND JUDO FEDERATION PRIVACY NOTICE FOR VOLUNTEERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre, during and after yur relatinship
More informationGDPR FOR ACCOUNTANTS: YOUR QUESTIONS ANSWERED
ICAEW BUSINESS LAW / IT FACULTY FAQs GDPR FOR ACCOUNTANTS: YOUR QUESTIONS ANSWERED Business Law /IT Faculty FAQs are published by ICAEW s Business Law team and the IT Faculty. GDPR fr Accuntants: Yur Questins
More informationPrivacy Policy with regards to The General Data Protection Regulation
Privacy Plicy with regards t The General Data Prtectin Regulatin Created May 2018 1 Plicy Statement We take yur privacy seriusly and understand that yu trust us use and stre yur persnal identifiable infrmatin
More informationWILTSHIRE AND SWINDON SPORT (WASP) PRIVACY NOTICE 20 APRIL 2018
WILTSHIRE AND SWINDON SPORT (WASP) PRIVACY NOTICE 20 APRIL 2018 References t we, ur r us in this privacy ntice are t Wiltshire and Swindn Sprt (WASP) We are cmmitted t respecting yur privacy. This ntice
More informationGENERAL PRIVACY NOTICE
GENERAL PRIVACY NOTICE 1. INTRODUCTION This General Privacy Ntice ( Ntice ) explains hw we may cllect and use infrmatin that Keppel Crpratin Limited, its related crpratins and/r assciated cmpanies ("Keppel")
More informationPRIVACY POLICY. Last Modified: 23 rd of May, 2018
PRIVACY POLICY Last Mdified: 23 rd f May, 2018 Infrmatin abut Us ALTIUS INSURANCE LTD (hereinafter we, us r ur ) is the cntrller f the infrmatin cllected r prvided directly. We respect yur privacy and
More informationPrivacy Notice Alumni Relations and Fundraising
1 Privacy Ntice Alumni Relatins and Fundraising Intrductin This ntice explains hw and why the Fundatin Develpment & Alumni Relatins Office cllects persnal infrmatin abut yu when carrying ut ur alumni relatins
More informationOLA Privacy Policy for Australia
1. Respecting yur privacy OLA Privacy Plicy fr Australia OLA Australia Pty Limited and its related bdies crprate (including its Indian parent cmpany, ANI Technlgies Private Limited) (the OLA Grup) is cmmitted
More informationRecruitment Privacy Notice. Information we collect about you
Recruitment Privacy Ntice At BAT we are cmmitted t prtecting the privacy f ur candidates and users f this erecruitment Site ("Site"). We want t prvide a safe and secure user experience. We will ensure
More informationData subjects rights in the GDPR
Rights f the Data Subjects in the GDPR E. Kindt and Valerie Verddt, KU Leuven, CiTiP Data subjects rights in the GDPR Fair prcessing principle Transparency, establishing trust, accuntability Rights Right
More informationQuality Hotel View is a full-service conference hotel located in Malmö, Sweden, and is a part of the hotel chain Nordic Choice Hotels.
Privacy Plicy - Quality Htel View Quality Htel View is a full-service cnference htel lcated in Malmö, Sweden, and is a part f the htel chain Nrdic Chice Htels. This privacy plicy explains which persnal
More informationHAYS INTERNAL RECRUITMENT PRIVACY POLICY
HAYS INTERNAL RECRUITMENT PRIVACY POLICY INTRODUCTION This Internal Recruitment Privacy Plicy applies t individuals wh are seeking emplyment with Hays. This Internal Recruitment Privacy Plicy describes
More informationProcessing of your personal data
Mellw Clur Privacy Plicy The plicy: This privacy plicy ntice is fr all websites under mellwclur.cm and the MellwClud web services as prvided by Mellw Clur Ltd, Unit 22, Basepint Business Centre, Crab Apple
More informationA. Rational for change
Applicatin made by the Slicitrs Regulatin Authrity Bard t the Legal Services Bard under Part 3 f Schedule 4 t the Legal Services Act 2007, fr the apprval f changes t regulatry arrangements relating t the
More informationCompliance with Canadian Data Protection Laws: Are Retailers Measuring Up?
Cmpliance with Canadian Data Prtectin Laws: Are Retailers Measuring Up? EXECUTIVE SUMMARY The Persnal Infrmatin Prtectin and Electrnic Dcuments Act ( PIPEDA ) was intrduced in 2001 t prtect Canadians frm
More informationBOWLS ENGLAND PRIVACY NOTICE FOR OUR MEMBERS
Bwls England Privacy Ntice: Apprved May 2018 BOWLS ENGLAND PRIVACY NOTICE FOR OUR MEMBERS We are cmmitted t respecting yur privacy. This ntice is t explain hw we may use persnal infrmatin we cllect befre,
More informationNEW LAWS REGARDING BUILDING PRODUCTS (QLD)
BUILDING SERVICES Ref: LEG 17-05 Current at Nvember 2017 NEW LAWS REGARDING BUILDING PRODUCTS (QLD) Frm 1 Nvember new laws regarding nn-cnfrming building prducts apply t all building prjects in Queensland.
More informationPay policy programme for Lund University
Dnr I F 9 5307/1999 1 Pay plicy prgramme fr Lund University apprved by the University Bard n 7 April 2000 The basic aim f the pay plicy is t help the University in achieving its targets. Mtivated, cmmitted
More informationPrivacy notice policy for clients
WWW.ECHELONLAW.CO.UK 1 PLOUGH PLACE, LONDON, EC4A 1DE TEL +44 (0)20 7096 8442 Privacy ntice plicy fr clients May 2018 Risk & Cmpliance Department Echeln Law is the trading name f Echeln Law Ltd, registered
More informationIESBA Meeting (March 2013) Agenda Item
Agenda Item 7-A Backgrund Lng Assciatin f Senir Persnnel (Including Partner Rtatin) with an Audit Client Matters fr Cnsideratin 1. Paragraph 290.150 f the IESBA Cde f Ethics fr Prfessinal Accuntants (the
More informationPlease contact us if you have questions about our privacy practices that are not addressed in this Privacy Policy.
1. Overview We have develped this Privacy Plicy t explain hw we may cllect, retain, prcess, share and transfer yur Persnal Data when yu visit ur Sites r use ur Services. This Privacy Plicy applies t yur
More informationPRIVACY POLICY. We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:
PRIVACY POLICY Intrductin Yur privacy and trust are imprtant t us and this Privacy Plicy ( Plicy ) prvides imprtant infrmatin abut hw TM Grup Limited ( Cmpany we r us ) handles persnal infrmatin. We are
More informationThe data controller is Edwards Coaches Ltd, The Courtyard, Parc Busnes Edwards, Llantrisant CF72 8QZ.
Edwards Caches Ltd is cmmitted t prtecting and respecting yur privacy. This ntice sets ut hw we will use any persnal data that we hld abut yu. The data cntrller is Edwards Caches Ltd, The Curtyard, Parc
More informationSecondment policy This document is intended to support managers and staff understand the use of secondment
Name Secndment plicy Summary This dcument is intended t supprt managers and staff understand the use f secndment Target audience All staff Versin number 1 PIN plicy Secndment Date f this versin December
More informationCtrl + click to go directly to any section in this Privacy Policy statement
Schls Own Adventure understands cncerns abut hw data may be stred, sent and used by cmpanies particularly data relating t students/minrs fr whm yu are respnsible. Yur and their privacy is imprtant t us.
More informationCraw-Kan Telephone Cooperative Inc. CPNI / Privacy Policy
Craw-Kan Telephne Cperative Inc. CPNI / Privacy Plicy Craw-Kan Telephne Cperative Inc. is cmmitted t maintaining yur privacy. We believe that yu are entitled t knw hw Craw-Kan Telephne Cperative Inc. will
More informationof approximately 140 Catholic primary and secondary schools and colleges within the Archdiocese of Brisbane.
Privacy PURPOSE Brisbane Cathlic Educatin (BCE) is respnsible fr the administratin f apprximately 140 Cathlic primary and secndary schls and clleges within the Archdicese f Brisbane. This Privacy Plicy
More informationAPPLICABLE TO ALL DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES OF THE COMPANY
APPLICABLE TO ALL DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES OF THE COMPANY PHILOSOPHY JSAW is a prfessinally managed rganisatin and the cre value underlying ur crprate philsphy is "trusteeship". We believe
More informationManagement of Supplier Complaints and Feedback Procedure
Prcedure 224 - Versin 1 Valid t: January 2019 Management f Supplier Cmplaints and Feedback Prcedure Cntext This prcedure ensures that feedback received frm suppliers (past, current and ptential) is managed
More informationRepton Hockey Club PRIVACY NOTICE FOR OUR JUNIOR MEMBERS
Reptn Hckey Club PRIVACY NOTICE FOR OUR JUNIOR MEMBERS We at the Reptn Hckey Club want t make sure all the persnal details we hld abut yu are safe and secure, s we have put tgether this nte t tell all
More informationSelf- certification criteria for signatories of the IAB Europe OBA Framework
Self- certificatin criteria fr signatries f the IAB Eurpe OBA Framewrk Date: 12 April 2012 Table f cntents 1. Intrductin 3 2. General criteria fr self- certificatin f cmpliance 4 2.1. Data security 4 2.1.1.
More informationPERSONAL DATA PROCESSING POLICY DURING BUSINESS ACTIVITY
PERSONAL DATA PROCESSING POLICY DURING BUSINESS ACTIVITY FOR CUSTOMERS, SUPPLIERS, MARKETING, VISITORS OF WEB SITES At the jint stck cmpany NAM system, a.s. having its registered headquarters at the address:
More informationSWIM IRELAND PRIVACY NOTICE SWIM IRELAND MEMBERS/VOLUNTEERS/CUSTOMERS/PARTICIPANTS
Swim Ireland: Data Prtectin - Privacy Ntice fr Swim Ireland Members/Vlunteers/Custmers/Participants SWIM IRELAND PRIVACY NOTICE SWIM IRELAND MEMBERS/VOLUNTEERS/CUSTOMERS/PARTICIPANTS We are cmmitted t
More informationRequest for Proposals. Develop a New Personnel Policy Manual. for the. Red Wing Housing and Redevelopment Authority
Request fr Prpsals t Develp a New Persnnel Plicy Manual fr the Red Wing Husing and Redevelpment Authrity March 20, 2015 Red Wing Husing and Redevelpment Authrity 428 West Fifth Street Red Wing, MN 55066
More informationGuidance notes for completing the International Start-up Form
Guidance ntes fr cmpleting the Internatinal Start-up Frm These guidance ntes are designed t supprt yu in cmpleting the Internatinal start-up frm. Yu will als need t refer t a) yur Stage 2 applicatin frm
More informationCORPORATE. Freedom to Speak Up Standard Operating Procedure. Document Control Summary Status:
CORPORATE Freedm t Speak Up Standard Operating Prcedure Dcument Cntrl Summary Status: Replacement. This plicy supersedes the Public Interest Disclsure Plicy 28.01.15 (v3.1) Versin: V1.1 Date 01.10.16 Authr/Owner:
More informationApprenticeship ERR Workbook
Apprenticeship ERR Wrkbk Emplyee Rights and Respnsibilities Welcme and Intrductin Dear apprentice, Bth emplyers and emplyees have a range f statutry rights and respnsibilities under Emplyment Law. It is
More informationFinastra collects and processes the following types of personal data about you in connection with your job application.
Finastra EEA & Switzerland Jb Applicants Privacy Ntice 1 May 2018 This Privacy Ntice applies t jb applicants residing in an EEA cuntry r Switzerland, as well as thse applying fr a jb psitin based in an
More informationIndependent scientific review of claims by qualified bodies;
Directr: Fd Cntrl Directr-General f Health Private Bag X828 Pretria 0001 Submissin f cmments n: Regulatins Relating t the Labelling and Advertising f Fds: Amendment N. R 429. Gazette N. 37695 Published
More informationExecutive Summary European Union s General Data Protection Regulation (EU GDPR) January 2018
Executive Summary Eurpean Unin s General Data Prtectin Regulatin (EU GDPR) January 2018 Legal Disclaimer The infrmatin in this presentatin is cnfidential and prprietary t SAP and may nt be disclsed withut
More informationHAAG-STREIT PRIVACY STATEMENT
HAAG-STREIT PRIVACY STATEMENT Versin MÖLLER-WEDEL GmbH & C.KG vm 22.05.2018.2 This Privacy Statement describes the cllectin and further prcessing f persnal data by cmpanies f the Haag-Streit and its affiliates
More informationNomination for Merit Award or Contribution Points
Nminatin fr Merit Award r Cntributin Pints Wh is this dcument fr? Line Managers can submit individuals and/r teams fr cnsideratin fr a merit award r cntributin pints using ne f the frms included here.
More informationCompany Vision Our vision is to be valued as a digital, customer-focused, centre of excellence.
Jb Descriptin Jb Title: Senir Infrmatin Gvernance Analyst Abut SLC Student Lans Cmpany is a nn-prfit making Gvernment-wned rganisatin set up in 1989 t prvide lans and grants t students in universities
More informationComplaints Policy.
Cmplaints Plicy www.islandrads.cm Cntents 1 Intrductin... 3 2 What is a cmplaint?... 4 3 Wh can cmplain?... 5 4 Making a cmplaint... 6 5 Undertaking t cmplainants... 7 6 Prcess, Escalatin and Review...
More informationTHIRD SECTOR FIRST Working together to put the third sector first
THIRD SECTOR FIRST Wrking tgether t put the third sectr first Jb title: Emplyer: Reprting t: Develpment Officer (Lead Officer fr Scial Enterprise) Third Sectr First, Dumfries & Gallway Operatins Manager
More informationIsetan Personal Data Protection Policy (PDPP)
Isetan Persnal Data Prtectin Plicy (PDPP) ISETAN OF JAPAN SDN BHD (IOJ) and ICJ DEPARTMENT STORE (M) SDN BHD (ICJ) are cmmitted t ensure that Custmer s privacy is prtected in accrdance t the Persnal Data
More informationOSPAR Regional Action Plan for Prevention and Management of Marine Litter in the North-East Atlantic
OSPAR Cnventin fr the Prtectin f the Marine Envirnment f the Nrth-East Atlantic OSPAR Reginal Actin Plan fr Preventin and Management f Marine Litter in the Nrth-East Atlantic Summary: OSPAR Ministers had
More informationRecords Management Policy
Recrds Management Plicy Main Authr: Cnsultatin Rute: Apprved By: Date f Issue: Applicable: Organisatinal wide Versin: 1.0 Review Date: February 2011 Versin 1.0: February 2010 Change Cntrl Versin Change
More informationCompany Policy Buying Additional Annual Leave
Cmpany Plicy Buying Additinal Annual Leave Dcument Cntrl Table Dcument title: Buying Additinal Annual Leave Versin number: 2.3 Date apprved: 22.11.17 Apprved by: D Wythe Date f last review: 22.11.17 Departments
More informationCDM Plan Submission and Review Criteria Rules
Cnservatin First Framewrk LDC Tl Kit Final v4.0 January 17, 2018 CDM Plan Submissin and Review Rules 1) Purpse and definitins 1.1 These Rules set ut: a) the rles, respnsibilities and timing fr CDM Plan
More informationAcerta respects your privacy
Acerta respects yur privacy Privacy statement This privacy statement was last changed n: 17 December 2018. The cntrller fr cllecting and prcessing yur persnal data Acerta is an HR services grup in Belgium
More informationHR Checklist for GDPR compliance
HR & GDPR HR Checklist fr GDPR cmpliance This checklist will cver the main areas yu need t address t prepare fr the GDPR (General Data Prtectin Regulatin) which cmes int frce n May 25 th, 2018. Peple is
More informationASSESSMENT PRINCIPLES MAY 2012
The Sectr Skills Cuncil fr Prperty Services, Husing, Cleaning Services and Facilities Management the sectr skills cuncil fr the places where we live and wrk ASSESSMENT PRINCIPLES MAY 2012 POLICIES AND
More informationBERRI BARMERA COUNCIL CHIEF EXECUTIVE OFFICER JOB & PERSON SPECIFICATION
BERRI BARMERA COUNCIL CHIEF EXECUTIVE OFFICER JOB & PERSON SPECIFICATION MAY 2018 POSITION: REPORTS TO: CHIEF EXECUTIVE OFFICER MAYOR AND ELECTED COUNCIL EMPLOYMENT STATUS: FIXED TERM CONTRACT (UP TO 5
More informationAcerta respects your privacy
Acerta respects yur privacy Privacy statement This privacy statement was last mdified n: 24 May 2018. Our privacy principles Respect We recgnize that the prtectin f privacy f the data subject cnstitutes
More informationAggregate LLC ( AGGREGATE LLC ) is committed to protecting your privacy. We have prepared
PRIVACY POLICY Last Revised: August 8, 2017 Aggregate LLC ( AGGREGATE LLC ) is cmmitted t prtecting yur privacy. We have prepared this Privacy Plicy t describe t yu ur practices regarding the Persnal Data
More informationSustainability Policy. Bupa Enterprise Policy
Bupa Enterprise Plicy Sustainability Plicy We are cmmitted t engaging millins f peple arund the wrld in their health and wellbeing, and t having a minimal impact n the envirnment. Purpse Bupa 2020 cmmits
More informationCareer Entry and Development Profile Companion Guide. A Guide for ITT Tutors and Induction Tutors
Career Entry and Develpment Prfile Cmpanin Guide A Guide fr ITT Tutrs and Inductin Tutrs Intrductin Wh is the cmpanin guide fr? This guide is fr initial teacher training (ITT) tutrs wrking with trainees/teachers,
More informationRainforest Alliance Privacy Policy May 2018
1. Intrductin Rainfrest Alliance places a high pririty n prtecting yur privacy. This privacy plicy (the Privacy Plicy ) describes hw we handle the persnal infrmatin we cllect and prcess. The Privacy Plicy
More informationThe E-Recruitment Process - Guide for Line Managers
The E-Recruitment Prcess - Guide fr Line Managers This dcument is fr Line Managers. The use f the term Line Manager is purely a descriptive term fr the level f access t the E-Recruitment system and it
More informationSafer and Fair Recruitment Policy
Safer and Fair Recruitment Plicy Intrductin This dcument sets ut the plicy and prcedures t be adpted in rder t ensure that the recruitment prcess fr ur Schl is as safe and as fair as pssible. The prcedures
More informationThe BLOOM Performance Review Decision Guide
The BLOOM Perfrmance Review Decisin Guide Intrductin Planning yur perfrmance review prcess needs careful cnsideratin. Sme questins yu might be cnsidering are: 1. Hw ften will the rganizatin cmplete frmal
More informationHAAG-STREIT PRIVACY STATEMENT
HAAG-STREIT PRIVACY STATEMENT Versin IPRO GmbH f 18.05.2018.2 This Privacy Statement describes the cllectin and further prcessing f persnal data by cmpanies f the Haag-Streit and its affiliates (tgether
More informationSECTION I: RBC ROYAL BANK ONLINE APPLICATION TERMS AND CONDITIONS
SECTION I: RBC ROYAL BANK ONLINE APPLICATION TERMS AND CONDITIONS Please review the fllwing RBC Ryal Bank Online Applicatin Terms and Cnditins (the "Terms and Cnditins"). Yu must read them, check the tick
More informationTreatment Operations Engineer. Service Delivery for Customers. Environmental Operations. Manager Wastewater Treatment Operations
Psitin Descriptin Psitin Title: Emplyment Type: Sectin: Grup: Treatment Operatins Engineer Full Time Service Delivery fr Custmers Envirnmental Operatins Salary Band: Engineering Band 3 Agreement: APESMA
More informationInduction procedure for new staff
Inductin prcedure fr new staff The fllwing prcedure is based upn the NCL Safer Recruiting guidelines. Its purpse is t: cnfirm the cnduct expected f staff within the schl supprt individuals in a way that
More informationBIRMINGHAM CITY COUNCIL STRATEGY FOR OPEN DATA
What we are trying t achieve BIRMINGHAM CITY COUNCIL STRATEGY FOR OPEN DATA This strategy sets ut hw Birmingham City Cuncil will prvide regular cmprehensive releases f public pen data and hw it will use
More informationPosition Description
Psitin Descriptin Psitin: Reprts t: Lcatin: Divisin: Business Unit: Team: Jb Family: Grup Health and Safety Manager General Manager Human Resurces Christchurch Crprate Services Grup Human Resurces Health
More informationSummary of the purposes for processing your personal data and the legal basis for doing so:
PREMIER INN PRIVACY NOTICE This ntice describes hw Premier Inn Htels Ltd, (referred t as "Premier Inn") prcesses yur persnal data, as a cntrller. Our address is Whitbread Curt, Hughtn Hall Business Park,
More informationWHITE PAPER. A Practical Guide for GDPR Compliance. Published July An Osterman Research White Paper
WHITE PAPER A Practical Guide fr GDPR Cmpliance An Osterman Research White Paper Published July 2017 Osterman Research, Inc. P.O. Bx 1058 Black Diamnd, Washingtn 98010-1058 USA Tel: +1 206 683 5683 inf@stermanresearch.cm
More informationDisciplinary Procedure
Disciplinary Prcedure Applicatin Overview Definitins Prcedure Crss references Further assistance APPLICATION This prcedure nly applies t academic, prfessinal, security, grunds and dcument services staff
More information