Facebook Twitter Pinterest Google+ Addthis

GDPR

Data protection

The General Data Protection Regulation (GDPR) and a new UK Data Protection Act is now in place bringing new requirements on how we handle personal data.

Guidance

The Information Commissioner has a helpful guide on the General Data Protection Regulation (GDPR) key requirements.

We have prepared a guide on Data Subjects Rights.

Download a copy of the full Data Subjects Rights leaflet. If you wish to view a specific section please select from the following.

What are we doing to prepare?

Compliance

You can read the council's Data Protection Statement of Compliance.

Training

Staff training is being rolled out across the council.

Privacy notices

Detailed privacy notices will be issued for each time we gather your data, to inform you of how we will handle your data and your rights.  This privacy notice will give you a general overview of how the council will handle your data.

Contract clauses

We are amending our contract clauses to meet the GDPR standards and will expect all contractors to demonstrate that they meet the requirements for data handling.

Data sharing agreements

Review all data sharing agreements and ensure that all data sharing is covered by a contract or data sharing agreement.

Privacy impact assessments

A privacy impact assessment is a risk based review of data processing and focuses on the wider implications of privacy and freedoms. We will carry our Privacy Impact Assessment on all new or changed data processing.

Policy review

We have a large suite of Information Governance policies and all will be reviewed in before May 2018.

Retention and disposal schedules

The council’s Retention and Disposal Schedules set out the legislation, guidance and best practice regarding record retention and disposal.