The DATA PROTECTION ACT (GDPR)
As most of you will have read or heard, the GDPR (General Data Protection Regulations) Act is changing from 25th May 2018!
The 8 main principles are:
1. Personal data must be processed fairly and legally.
2. Personal data must only be obtained for specific and legal purposes, and must only be processed in a way that is consistent with the specified purpose.
3. Personal data must be adequate, relevant and not excessive for the purpose it is processed for.
4. Personal data must be accurate and where necessary, kept up to date.
5. Personal data processed for any purpose must not be kept longer than is necessary to fulfil that purpose.
6. Personal data must be processed in line with the Data subject’s rights. The rights of the individual are central to this principle.
7. Appropriate security measures must be taken to protect against unauthorised or illegal data processing.
8. Transferring personal data outside the European Economic Area (EEA) is restricted unless the rights and freedom of data subjects are protected.
At Chelmer, we are already taking actions to come in line with these new regulations. We would strongly recommend that you take a look and if necessary gain further advice from the ICO (Information Commissioner’s Office).
You can take a look at “Preparing for the GDPR) – 12 Steps to take now – under this link:
There is also a Getting Ready step by step under:
We hope this gets you started!