You may well be aware that current data protection laws are being bolstered by new European legislation; namely the new General Data Protection Regulation (GDPR).
Despite Brexit, the GDPR will apply in the UK from 25th May 2018
The GDPR represents a strengthening of existing legislation and places additional requirements on organisations. You will need to review and revise your organisations processes in order to ensure you remain compliant.
The Information Commissioner’s Office (ICO) offers a wealth of support for organisations as well as specific GDPR guidance, including ‘12 steps you can take now’ in order to prepare for the May 2018 deadline.
The ICO guidance is continuously being revised to take account of the latest European guidance. There is a dedicated web-page, which will provide ongoing data protection reform updates.
Sefton CVS has developed the following presentation outlining the key aspects of the GDPR and suggesting actions that will support your compliance.
- Click here to download in PDF format
- Click here to download in Powerpoint format
- Click here to download the Slideshow
Click here to download the Information Audit template (as referred to in the presentation)
Click here to download the Privacy Impact Assessment template (as referred to in the presentation)
There is also ICO guidance on data protection and fundraising. The use of personal data is central to most fundraising activities and there has been a great deal of public and media scrutiny of fundraising techniques. If you use personal data to fundraise then you need to follow the latest guidance on fundraising and data protection. The Fundraising Regulator provides guidance which complements guidance from the ICO on direct marketing.
The Sefton CVS Data Retention Schedule is included here as a reference guide.