IMS & DATA PRIVACY
On 25th May 2018, a European privacy law, the General Data Protection Regulation (GDPR), will come into effect.
The General Data Protection Regulation standardises data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information (PII). It also extends the protection of personal data and data protection rights by giving control back to EU residents. GDPR replaces the 1995 EU Data Protection Directive, and it also supersedes the 1998 UK Data Protection Act.
Imposing new rules on companies, government agencies, non-profits, and other organisations that offer goods and services to people in the European Union (EU), or that collect and analyse data tied to EU residents, the GDPR applies no matter where you are located.
GDPR legislation changes can be summarised as follows
Individuals have the right to:
- Access/erase/export their personal data
- Correct errors in their personal data
- Object to processing of their personal data
Organisations will need to:
- Protect personal data
- Notify authorities of any personal data breach
- Obtain appropriate consents for processing data
- Keep records detailing data processing
- Provide clear notice of data collection
- Outline processing purposes and use
- Define data retention and deletion policies
- Train privacy personnel and employees
- Audit and update data policies
- Employ a data protection officer (if required)
- Create and manage compliant vendor contracts
If you wish to request access to the personal information we hold on you please click here.
If you wish to update your communication preferences to decide how we send you information please click here.