General Data Protection Regulation (GDRP)2019-08-13T18:32:38+01:00

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union regulation that replaced the current Data Protection Act 1998 and came into force on 25th May 2018.

GDPR has been in development since 2012 by the European Union Parliament and the Trust to harmonise and strengthen the rights of data subject across Europe, including when data is transferred to third party countries.

The Regulation enhances the rights of individuals whose personal data is processed by an entity and allows for new changes such as the right to be forgotten and right to erasure.

It also provides for increased accountability and processes to demonstrate compliance.  For example; we may be required to either appoint a Data Protection Officer (DPO) or designate individual to take proper responsibility for the important task of data protection compliance.  Also the requirements for consent are now much higher.

All breaches will have to be reported to the Information Commissioners Office within 72 hours and the potential fines for breaches are up to €20 million.

Data Registration Certificate (132.6 KiB)

Subject Access - Request Form (193.5 KiB)

NameDate UploadedSize
Data Audit Schedule4th June 2019231.1 KiB
GDPR - Document Retention And Disposal Policy 20194th June 2019212.1 KiB
GDPR - Document Retentions - Appendix A4th June 2019213.8 KiB
GDPR - Information Data Protection Policy 20194th June 2019201.7 KiB
GDPR - The Management Of Transferable Data Policy 20194th June 2019165.2 KiB
Social Media Policy Statement - May 20194th June 2019102.0 KiB
FOI Policy 20194th June 201969.7 KiB
Data-Protection-Policy- - May 20194th June 2019169.6 KiB

How can I find out more?

We will continue to ensure compliance with GDPR.  Should you wish to know more about the GDPR, please visit the Information Commissioner’s Office Dedicated Webpage on the ICO website.