Data Protection and Information Security. Presented by Emma Hawksworth Slater and Gordon
|
|
- Andra Sutton
- 5 years ago
- Views:
Transcription
1 Data Protection and Information Security Webinar Presented by Emma Hawksworth Slater and Gordon 1
2 3 ways to participate Ask questions link below this presentation Answer the polls link below this presentation Comment and chat click on Say something nice (bottom-right) Good afternoon and welcome introduction Please join in and participate in this webinar. If you look below this video stream you ll see links for questions and polls. If you have any questions you d like me to answer please submit them and I ll do my best to answer as many as possible at the end. You also have a chat area to the right do say hello, and chat the other participants, although don t include questions for me there as I won t see them, remember to include these via the links below the video 2
3 What s it all about? Workplace reps may handle personal information about members, for example Member contact details Personal case correspondence and documents Membership lists As a union rep it s important that you take steps to protect that information and keep it secure GDPR is bringing in important changes to the rules from 25 May 2018 So what s today all about? As workplace reps you handle personal information about members all the time, for example.. Member contact details Personal case correspondence and documents Membership lists It s important that you protect that information, and keep it secure. There is some new law in this area, the General Data Protection Regulation or GDPR which is coming into force in around 8 weeks, on 25 May This has significant implications for organisations and individuals who handle personal data, including unions and union representatives. 3
4 What s changing? Overall, GDPR rules about protecting privacy are stricter There are some enhanced protections for individuals such as stronger subject access rights and some new rights, such as the right to be forgotten Your union will be making changes to comply with the GDPR, you may see: more detailed membership application forms or more information in privacy notices on the website So what s changing? Our current data protection laws date back to 1998 and these haven t kept pace with advances in technology and the way we use data now In 2016 the EU parliament approved new data protection rules contained in the GDPR. Overall, they are intended to provide people with better protection - There are some enhanced protections for individuals such as stronger subject access rights and some new rights for the digital age, such as the right to be forgotten. You may have read about a legal case brought by individuals who wanted Google to delete some very old results which came up when they searched their name, and which they argued didn t comply with their right to privacy. The right to be forgotten looks like forming an important part of individual privacy rights in our increasingly digital world. So with these new rules which the GDPR is bringing in, your union head office will be making changes, and you may see: More detailed membership application forms or more detailed privacy notices on the website. Your union may have appointed a Data Protection Oficer or DPO to oversee this. 4
5 Today s webinar Introduction: what do the data protection rules apply to? Preparing for the GDPR Keeping member information secure Respecting members rights In today s session, I m going to start with a brief introduction to explain when data protection rules apply. Then I ll highlight three topics: Some initial steps you can take to prepare for the GDPR How you keep member information secure And finally respecting members rights Its important to say this is an introduction only, this is a vast subject, and the intention today is to highlight some aspects for you to think about, take away and do some further work on. So lets get started first, when do data protection rules apply? What information is covered? 5
6 What information is covered? Any information about a living individual such as Name Job title Work department address Union membership number* personal data *Special categories of data have stricter rules and require extra care Special categories include information about an individual s: trade union membership or nonmembership health politics Well, the data protection rules apply to any information about a living individual, from which the individual can be identified. That includes obvious things like name, date of birth, address, as well as less obvious things like IP address or address. The GDPR refers to all of this as personal data In some cases the individual will be easily identifiable, for example if their name is included. But the rules still apply even if the individual is not identified by name, provided they are identifiable by some other feature, such as their union membership number. Some categories of data have stricter rules and are referred to as Special categories of data. This is also known as sensitive personal data. The special categories of data include information about an individuals TU membership, their health, their politics, their race or religion. You need to be particularly careful when handling special categories of data. 6
7 What activities are covered? What activities? Collecting and using data Disclosing it to others Storing and deleting data Processing Where? On a computer, or On paper in a filing system, or On paper intended to be put in a filing system So that explains what information is covered by data protection rules. Next, we need to look at what activities are covered. The GDPR refers to processing of data which sounds as if it might be describing some technical computing function, but in fact refers to pretty much any use of data, including copying documents, reading them, sending by and also storing information, or deleting it, all these count as processing and so the rules apply to those activities as well. And this covers work on a computer or other electronic device, like creating documents or sending s but also covers paper records in a filing system, like personal case files, and any paper documents waiting to go into a hard copy or electronic filing system. 7
8 Processing personal data: examples Membership database on computer Personal case files in a cabinet Grievance outcome ed to you by a member Handwritten notes from a meeting with a member If they are intended to go in the member s file Contact details on your mobile phone or laptop But probably not handwritten notes in your diary So here are some examples of when your handling of member information will count as processing personal data which means the rules will apply. Accessing or working on a membership database on computer, or Personal case files in a cabinet Reading a Grievance outcome ed to you by a member Taking Handwritten notes from a meeting with a member, provided they are intended to go in the member s file Looking through contact details on your mobile phone or laptop One type of information to which the rules may not apply handwritten notes in your diary where you re not going to copy them to a hard copy or electronic file. You ll see from this that the data protection rules are likely to apply to almost all information you handle as a workplace representative, especially member information In fact almost all personal information you handle as a workplace rep is likely to be special category data because it relates to trade union membership, and so the stricter rules will apply. This means you should take extra care when handling it. 8
9 Preparing for the GDPR Find out from your regional or full time officer what your union s data protection and information security policies are Be familiar with your union s policies, and make sure you follow them when you handle member information Be aware of the GDPR s data protection principles which set out the golden rules for handling personal information I m going to move on now to the three topics I want to cover today in a bit more detail. The first of these is what you can do to prepare for the GDPR. The first step is to find out from your regional or full time officer what your union s data protection and information security policies are, read and get familiar with them, and make sure you follow them when you handle member information. Also you should be aware of what the GDPR calls the data protection principles. These are really the golden rules for handling personal information and I m going to go through a short summary of those key principles now. 9
10 Data protection principles: handle data fairly Follow the rules: you must only use data fairly and in line with the rules Only use member data in line with your union s policies and in particular don t share it with any third parties Take particular care with membership lists: if you have access to membership lists remember this is special category data, and take steps to protect this information First, the GDPR requires that you handle data fairly. This means you should only use member information in line with your union s policies. In particular don t share it with any third parties. Remember that membership lists are special category data so take extra care with this information. 10
11 Data protection principles: collect only what you need Explain why you need it: collect data for a specific purpose For example: if you ask a member for copies of their GP letters to use for their personal case, tell them why you need the letters, what you are going to do with them, who you will send them to, what you will do with them afterwards And don t take too much: collect only the data you need for that purpose For example: do you need to keep and share all the letters from the member s GP? Are they all relevant? The GDPR s golden rules also require you to be open and transparent when you collect information from a member. When a member gives you any information about themselves, whether that s an address or a bundle of documents, make sure they know why you need and what you will do with it. So that might mean which address you will use to communicate with them. Or take the example where you re assisting a member with a personal case about sickness absence. If you need copies of their GP letters, you need tell them why you need the letters, what you are going to do with them, who you will send them to, what you ll do with them afterwards. If you intend give copies to the employer, check that the member understands this and is happy for you to do it. Also, don t take more personal information than is needed for the purpose. The GDPR calls this data minimisation it really means, only take what you need. So if in example of the sickness absence case your member has a full copy of their GP record, but the latest letter has all the up to date information their employer has asked for, consider carefully whether you need the full file or whether just the latest letter is enough. 11
12 Data protection principles: update and retain data appropriately Keep it up to date: data must be accurate and up to date For example: correct contact details when asked. But don t keep it forever: data must be kept for no longer than necessary For example: what is your union s guidance about how long you should keep personal case files for and where should they be held? Do you need to keep everything? Finally on the data protection principles, the GDPR requires that you keep data up to date and that you don t keep it for longer than you need it. So, make sure you update your records when your members provide you with new information like new workplace, or home addresses, so you re not sending personal information to the wrong place. And make sure that you know your unions policy on how long you should keep information for. Some issues you might want to consider include how long you keep information about old members, and personal case files. 12
13 Information security Hacking: Carphone Warehouse was fined 400,000 when 3m customer records were put at risk by a cyberattack: the company s outdated software made it vulnerable Human error: a barrister was fined 1,000 when her files were uploaded to the internet by her husband while he updated software on their home computer Passwords/encryption: the ICO criticised a lawyer whose laptop was stolen; it contained confidential information about 8 individuals which contrary to ICO guidance was not password protected. So we ve covered the first of the topics I m going to deal with today, handling data fairly. I m going to look now at the second topic which is information security. This is a fundamental part of handling member information properly. Unions and their reps will handle all sorts of very sensitive information about their members, and its really important to keep it secure. The Information Commissioner, known as the ICO, is the regulatory body who considers complaints about breaches of data protection and information security. Here are some examples of the ICO s decisions on complaints of data breaches. Back in December Last year, Another lawyer was criticised when she had failed to password protect a laptop and it was stolen when she was having work done in her home. The ICO s guidance recommends that all mobile devices which contain confidential should have a password. in cases of loss or misuse of data that you become aware of you should immediately contact your regional or FT officer or your union's DPO so that they can advise you as to whether you need to take any other steps. 13
14 Keeping member information secure Some issues to consider about paperwork, for home, in the workplace and on the move: Clear desk policy Files kept under lock and key Take care when travelling, laptops are more secure than paper files as they can be password protected On public transport don t leave papers or a laptop unattended and don t discuss anyone s personal information with a colleague or on the phone Don t leave papers or a laptop in your car Your union s policies: it is important to read and apply the guidance your union provides about information security, and report any breaches Next I m going to highlight some areas you might want to consider about how you keep your members information secure. The starting point for all these security issues is to read your union s policies about keeping member information secure, and check that the way you work is in line with those policies. With paper files for example, do you have a clear desk policy when working on member s cases at home or in the workplace to prevent other people in your workplace or home from seeing personal information? Do you need to keep files in a locked cabinet? You need to take particular care when travelling. Don t leave papers or a laptop unattended and don t discuss personal details on public transport when others can hear. You shouldn t leave papers or a laptop in your car. Soft copies rather than papers copies are likely to be safer, because of the ability to password protect sensitive documents in digital form. 14
15 Keeping member information secure Some issues to consider about computer use, for home and in the workplace: Use remote access to union system or a case management system if available Shared computers: use password protected individual user accounts Back-up issues Consider password protection of laptops/mobiles, and individual documents on devices Your union s policies: it is important to read and apply the guidance your union provides about computer and mobile devices, and report any breaches Another important aspect to think about is your use of computers. Use remote access to union system or a case management system if available If that s not available and you are using a shared computer, make sure you set up a password protected individual user account which other users can t access. Loss of electronic documents can also cause members problems, so think about the arrangements you have for backing up your computers and other devices, and make sure these are safe too. Some 25% of complaints to the ICO relate to loss of data on mobile devices, so make sure your devices are password protected, and if you have particularly sensitive documents on a mobile device, consider adding a password to the individual document as well. 15
16 Keeping member information secure Some issues to consider about use, for home and in the workplace: Work systems Home s who has access? Double check addresses and attachments before sending Consider password protection of sensitive documents Your union s policies: it is important to read and apply the guidance your union provides about use Finally on this, some issues to consider about use of s. Again, check your union s policies as a starting point. With work s, practice may vary. In some workplaces reps won t use the work system for communications with members, others may have facilities agreements permitting use of work s. If you re unsure about the practice in your workplace, check with your union whether its OK to use your work , and if you are using it, be sure to include the words Private and Confidential in the subject line. If you are not able to use your work to correspond with members you could use your union address rather than a home address, especially if this is a shared family . If you don t have a union address, you may need to sign up for an address which is only accessible by you. Again if you are concerned, think about password protection, particularly of sensitive documents In summary - read and understand your union s policies, and check with your regional or full time officer if there is anything you are not sure about. Think about how you protect member data: both in the workplace and at home, on the move and when using mobile devices, computer and . Report any loss or unauthorised use of member data 16
17 Respecting members rights Do not try to respond to subject access requests yourself: immediately pass the request to your regional or full time officer as they have a limited time to respond to the request Assist: promptly provide any information requested by your union to assist it with responding to a request, for example copies of your correspondence with a member Read your union s policies: it is important to follow the guidance your union provides about members rights in relation to their data The focus so far has been on the data protection responsibilities of those who handle personal information. The third topic I want to highlight today is data protection rights of individuals. The best known of these is the right to make a subject access request. As I said earlier, the GDPR provides for stronger subject access rights. Individuals have the right to be given access to their personal information, generally without paying a fee, and in standard cases, information must be provided within a month. This applies to all organisations which handle data, including unions. Members have the right to request access to the personal data their union holds about them. There are two points to bear in mind about this. First of all, remember when making notes and corresponding about members that they have the right to ask for copies of what you have written about them. Secondly, if you receive a subject access request from a member, do not try to respond to it yourself: pass the request to your regional or full time officer. Do this immediately as they have a limited time to respond to the request. Also, if you are asked by the union to provide any information to assist with a response to a request, for example copies of your correspondence with a member, do so promptly. Finally, read your union s policies so you understand the rights members have to access the information you hold about them. 17
18 Key points to sum up Check: read and apply the guidance your union provides about data protection and information security Think: about your use of member data almost everything you deal with for members will be subject to the data protection rules Secure: keep all member information secure, at home, at work and on the move Report: if you receive a subject access request or in cases of loss or unauthorised use of member data, report immediately to your regional or full time officer or the union s Data Protection Officer That brings us to the end of this part of the webinar, which I ll sum up in these four points 1. Check your union s policies and make sure you are applying them 2. Think about your use of member data, especially since the data protection rules will apply to almost everything you deal with 3. Keep member information secure 4. Report any subject access requests you receive and any loss or unauthorised use of member data. Now we have around 20 minutes for your questions. 18
19 Next webinar The Gender Pay Gap Date to be confirmed. Subscribe to TUC Education on Crowdcast to be notified or check back on tuceducation.org.uk Before you go, here are some details of our next webinar when we ll be discussing the Gender Pay Gap. More information and a date to follow. Hope you can join us. 19
20 20
Ackworth Howard Church of England (VC) Junior and Infant School. Child-friendly GDPR privacy notice
Child-friendly GDPR privacy notice Child-friendly GDPR privacy notice What s this about? A new law has been made that keeps your information safe things like your address, date of birth and phone number.
More informationFrequently Asked Questions
Frequently Asked Questions After having undertaken a period of research within recreational cricket, this document is aimed at addressing the frequently asked questions from cricket Clubs, Leagues, Boards
More informationCreative Funding Solutions Limited Data Protection Policy
Creative Funding Solutions Limited Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationData Protection Policy
Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act (DPA) 2018 [UK] For information on this Policy or to request Subject Access please
More informationElement Finance Solutions Ltd Data Protection Policy
Element Finance Solutions Ltd Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationGetting your ducks in a row
Guide 4 Getting your ducks in a row What campaigns can you send? In brief What s happening? The GDPR (General Data Protection Regulation) is a new data protection regulation, bringing greater protection
More informationPS Mailing Services Ltd Data Protection Policy May 2018
PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect
More informationThis guide is for informational purposes only. Please do not treat it as a substitute of a professional legal
What is GDPR? GDPR (General Data Protection Regulation) is Europe s new privacy law. Adopted in April 2016, it replaces the 1995 Data Protection Directive and marks the biggest change in data protection
More informationData Protection Policy
The Worshipful Company of Framework Knitters Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act 1998 (DPA) [UK] For information on this
More informationGeneral Data Protection Regulation (GDPR) Policy
General Data Protection Regulation (GDPR) Policy Original prepared on: 01 May 2018 Reviewed on: 01 May 2018 To be reviewed on: 31 March 2019 Prepared by: Ralph Elliott-King - Financial Controller Reviewed
More informationGeneral Data Protection Regulation (GDPR) Key Facts & FAQ s
General Data Protection Regulation (GDPR) Key Facts & FAQ s GDPR comes into force on 25 May 2018 GDPR replaces the Data Protection Act 1998. The main principles are much the same as those in the current
More informationGDPR- the new General Data Protection Regulations. Staff PDM- 2 nd May 2018
GDPR- the new General Data Protection Regulations Staff PDM- 2 nd May 2018 What, when, how... It will supersede the Data Protection Act 1998. It sets out new regulations about the sharing of personal data
More informationEnviro Technology Services Ltd Data Protection Policy
Enviro Technology Services Ltd Data Protection Policy 1. CONTEXT AND OVERVIEW 1.1 Key details Rev 1.0 Policy prepared by: Duncan Mounsor. Approved by board on: 23/03/2016 Policy became operational on:
More informationData protection. 3 April 2018
Data protection 3 April 2018 Policy prepared by: Ltd Approved by the Directors on: 3rd April 2018 Next review date: 31st March 2019 Data Protection Registration Number (ico.): Z2184271 Introduction Ltd
More informationIt s still very important that you take some steps to help keep up security when you re online:
PRIVACY & SECURITY The protection and privacy of your personal information is a priority to us. Privacy & Security The protection and privacy of your personal information is a priority to us. This means
More informationIn this Policy the following terms shall have the following meanings:
NJR TRADING LTD understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://bar-tonic.
More informationIslam21c.com Data Protection and Privacy Policy
Islam21c.com Data Protection and Privacy Policy Purpose of this policy The purpose of this policy is to communicate to staff, volunteers, donors, non-donors, supporters and clients of Islam21c the approach
More informationAdkin s Privacy Information Notice for Clients, Contractors, Suppliers and Business Contacts
Adkin s Privacy Information Notice for Clients, Contractors, Suppliers and Business Contacts POLICY STATEMENT Adkin is committed to protecting and respecting the privacy of all of our clients. This Policy
More informationYou will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to
Suzanne Dibble 2018. Copyright in this document belongs to Suzanne Dibble. You may not copy or use it for any purpose unless you have purchased this template document from Suzanne Dibble. You may not allow
More informationPrivacy notice. Last updated: 25 May 2018
Privacy notice Last updated: 25 May 2018 www.courtprice.co.uk ('Website') is provided by Courtprice Limited ('we'/'us'/'our'). In doing so, we may be in a position to receive and process personal information
More informationThe GDPR toolkit. How to guide for Executive Committees. Version March 2018
The GDPR toolkit How to guide for Executive Committees Version 1.0 - March 2018 Contents Document Purpose... 3 What s included... 3 Step 1 - How to assess your data... 5 a) What is GDPR?... 5 b) Video
More informationPrivacy Policy. Information about us. What personal data do we collect and how do we use it?
This privacy policy sets out the way in which your personal data is handled by Leeds Bradford Airport Limited (referred to as "we", "us" and "our") whether collected through one of the websites we operate,
More informationIntroduction to Personal Data Protection DCU Risk & Compliance Office October 2015
Personal Data Protection Introduction to Personal Data Protection DCU Risk & Compliance Office October 2015 Personal Data Protection - Aims Aims of this presentation 1) Basic definitions 2) 8 principles
More informationPRIVACY POLICY. 1. Introduction
PRIVACY POLICY 1. Introduction 1.1. The Pinewood Studios Group is committed to protecting and respecting your privacy. This privacy policy (together with our Website Terms of Use and Cookies Policy) (Privacy
More informationBELLISSIMA BEAUTY SALON PRIVACY NOTICE
BELLISSIMA BEAUTY SALON PRIVACY NOTICE Bellissima Beauty Salon( Bellissima, we or us ) are committed to protecting your privacy, including online, and in the transparent use of any information you give
More informationSubject: Kier Group plc Data Protection Policy
Kier Group plc Data Protection Policy Subject: Kier Group plc Data Protection Policy Author: Compliance Document type: Policy Authorised by: Kier General Counsel & Company Secretary Version 3 Effective
More informationData Protection Policy
Introduction In order to; provide education, training, assessment and qualifications to its customers and clients, promote its services, maintain its own accounts and records and support and manage its
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationPolemic is a business involved in the collection of personal data in the course of its business activities and on behalf of its clients.
Privacy policy 1 Background This document sets out the policy of Polemic Forensic ABN 60 392 752 759 ( Polemic ) relating to the protection of the privacy of personal information. Polemic is a business
More informationData Protection Policy
Data Protection Policy Status: Released Page 2 of 7 Introduction Our Data Protection policy indicates that we are dedicated to and responsible of processing the information of our employees, customers,
More informationINCLUDE-ED PRIVACY POLICY
INCLUDE-ED PRIVACY POLICY BACKGROUND: Include-ed Limited understands that your privacy is important to you and that you care about how your personal data is used and shared. We respect and value the privacy
More informationCAREER SERVICES MANAGER, Powered by Symplicity STUDENT AND ALUMNI INSTRUCTION MANUAL
CAREER SERVICES MANAGER, Powered by Symplicity STUDENT AND ALUMNI INSTRUCTION MANUAL HOME TAB Log in at https://law-hamline-csm.symplicity.com/students/. Students For students, your login is your email
More informationMBNL Landlord Privacy Notice. This notice sets out how we handle landlord personal data as part of our General Data Protection policies (GDPR).
MBNL Landlord Privacy Notice This notice sets out how we handle landlord personal data as part of our General Data Protection policies (GDPR). SUMMARY This Privacy Notice applies to: users of our website
More informationThe Provincial Grand Lodge and Chapter of East Lancashire. Data Protection Act 1998
The Provincial Grand Lodge and Chapter of East Lancashire Data Protection Act 1998 Why do I need to read this? If you have access to the systems and records that the Province holds about our members, or
More informationPrivacy Notice. Lonsdale & Marsh Privacy Notice Version July
Privacy Notice Lonsdale & Marsh understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our clients and will
More informationOutpatient Quality Reporting Program
CMS Abstraction & Reporting Tool (CART): Knowing the Basics Presentation Transcript Moderator: Karen VanBourgondien, BSN, RN Education Coordinator, Hospital Outpatient Quality Reporting (OQR) Program Speaker(s):
More informationThe information we collect
Phone: (02) 8035 8000 Web: www.carnextdoor.com.au Email: info@carnextdoor.com.au Address: Level 3, 55 Pyrmont Bridge Rd, Pyrmont, NSW, 2009 CAR NEXT DOOR PRIVACY POLICY AND CREDIT REPORTING POLICY Last
More informationThe West End Community Trust Privacy Policy
The West End Community Trust Privacy Policy We are committed to protecting your personal information and being transparent about what we do with it, however you interact with us. We are therefore committed
More informationINNOVENT LEASING LIMITED. Privacy Notice
INNOVENT LEASING LIMITED Privacy Notice Table of Contents Topic Page number KEY SUMMARY 2 ABOUT US AND THIS NOTICE 3 USEFUL WORDS AND PHRASES 4 WHAT INFORMATION DO WE COLLECT? 4 WHY DO WE PROCESS YOUR
More informationThis article will explain how your club can lawfully process personal data and show steps you can take to ensure that your club is GDPR compliant.
GDPR and BMC Clubs Lawful basis for Processing Personal Data This article will explain how your club can lawfully process personal data and show steps you can take to ensure that your club is GDPR compliant.
More informationDATA PROTECTION POLICY
1 Your Data Protection Responsibilities DATA PROTECTION POLICY 1.1 Everyone has rights with regard to how their personal data is handled. Personal data is any information that a person can be identified
More informationGood afternoon, everyone. Thanks for joining us today. My name is Paloma Costa and I m the Program Manager of Outreach for the Rural Health Care
Good afternoon, everyone. Thanks for joining us today. My name is Paloma Costa and I m the Program Manager of Outreach for the Rural Health Care program. And I m joined by Carolyn McCornac, also Program
More informationAbout the information we collect We collect and process personal data including but not limited to:-
Privacy Policy About us TP Supported Accommodation is responsible for collecting, processing, storing and safe keeping of personal information as part of our business activities. We manage information
More informationBeam Suntory Privacy Policy WEBSITE PRIVACY NOTICE
Beam Suntory Privacy Policy WEBSITE PRIVACY NOTICE Beam Suntory ("we"; "us"; "our") respects your privacy and is committed to protecting your personal information at all times in everything we do. We are
More informationPRIVACY POLICY. 1. Definitions and Interpretation In this Policy the following terms shall have the following meanings:
PRIVACY POLICY BACKGROUND: Entod Research Cell UK Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone
More informationTerms and conditions of use for the Online and Mobile Banking Service
Terms and conditions of use for the Online and Mobile Banking Service Effective from July 2016 Please read these terms and conditions carefully. They re also available on our website and our Mobile Banking
More informationAbout Us. Privacy Policy v1.3 Released 11/08/2017
Privacy Policy v1.3 Released 11/08/2017 About Us THIS PRIVACY POLICY, OUR VIEWER TERMS (hellopupil.com/viewerterms) AND HEALTH & SAFETY GUIDANCE (hellopupil.com/advice) COLLECTIVELY FORM THE TERMS GOVERNING
More informationKeep Track of Your Passwords Easily
Keep Track of Your Passwords Easily K 100 / 1 The Useful Free Program that Means You ll Never Forget a Password Again These days, everything you do seems to involve a username, a password or a reference
More informationAccess Rights and Responsibilities. A guide for Individuals and Organisations
Access Rights and Responsibilities A guide for Individuals and Organisations This guide is aimed at both individuals and organisations. It is designed to bring individuals through the process of making
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Introduction The purpose of this document is to provide a concise policy regarding the data protection obligations of Youth Work Ireland. Youth Work Ireland is a data controller
More informationPrivacy & Cookie Statement
Privacy & Cookie Statement Version: 8 May 2018 Since day 1, WeTransfer has cared a great deal about privacy and respecting our users. We have always had a lean data policy: no sign up, no install, no retargeting.
More informationA Homeopath Registered Homeopath
A Homeopath Registered Homeopath DATA PROTECTION POLICY Scope of the policy This policy applies to the work of homeopath A Homeopath (hereafter referred to as AH ). The policy sets out the requirements
More informationDATA PROTECTION POLICY THE HOLST GROUP
DATA PROTECTION POLICY THE HOLST GROUP INTRODUCTION The purpose of this document is to provide a concise policy regarding the data protection obligations of The Holst Group. The Holst Group is a data controller
More informationIn this policy, whenever you see the words we, us, our, it refers to Ashby Concert Band Registered Charity Number
ASHBY CONCERT BAND PRIVACY POLICY The privacy and security of your personal information is extremely important to us. This privacy policy explains how and why we use your personal data. We will keep this
More informationDate Approved: Board of Directors on 7 July 2016
Policy: Bring Your Own Device Person(s) responsible for updating the policy: Chief Executive Officer Date Approved: Board of Directors on 7 July 2016 Date of Review: Status: Every 3 years Non statutory
More informationAdvocacy Service Guide
Advocacy Service Guide Advocacy is a means of empowering people by supporting them to assert their views and claim their entitlements and where necessary representing and negotiating on their behalf. Advocacy
More informationThis Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ).
PRIVACY POLICY Data Protection Policy 1. Introduction This Data Protection Policy (this Policy ) sets out how Brital Foods Limited ( we, us, our ) handle the Personal Data we Process in the course of our
More informationUWTSD Group Data Protection Policy
UWTSD Group Data Protection Policy Contents Clause Page 1. Policy statement... 1 2. About this policy... 1 3. Definition of data protection terms... 1 4. Data protection principles..3 5. Fair and lawful
More informationPrivacy Notice. General Information Protection Regulation ( GDPR )
Privacy Notice General Information Protection Regulation ( GDPR ) Please read the following information carefully. This privacy notice contains information about the information collected, stored and otherwise
More informationGDPR - Are you ready?
GDPR - Are you ready? Anne-Marie Bohan and Michael Finn 24 March 2018 Matheson Ranked Ireland s Most Innovative Law Firm Financial Times 2017 International Firm in the Americas International Tax Review
More informationPrivacy Information - Privacy and Cookies Policy In Full
Privacy Information - Privacy and Cookies Policy In Full Contents 1. Introduction & General Terms 2. Who are we? 3. What information will Gaucho collect about me? 4. How will Gaucho use the information
More informationUUEAS Privacy policy - Members
UUEAS Privacy policy - Members The Union of UEA Students (The Union) is an independent charity, whose primary goal is to represent the students at the University of East Anglia. Every student at UEA is
More informationSpectrum Wellness Privacy Statement
Spectrum Wellness Privacy Statement This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully
More informationBISHOP GROSSETESTE UNIVERSITY. Document Administration. This policy applies to staff, students, and relevant data subjects
BISHOP GROSSETESTE UNIVERSITY Document Administration Document Title: Document Category: Privacy Policy Policy Version Number: 1.0 Status: Reason for development: Scope: Author / developer: Owner Approved
More informationPrivacy Notice For Ghana International Bank Plc customers
Privacy Notice For Ghana International Bank Plc customers You may be aware of the European Union s General Data Protection Regulation (GDPR), effective as from 25th May 2018. Ghana International Bank Plc
More informationMobile Computing Policy
Mobile Computing Policy Overview and Scope 1. The purpose of this policy is to ensure that effective measures are in place to protect against the risks of using mobile computing and communication facilities..
More informationIAE Professional s (02)
IAE Professional Emails (02) TASK ONE: There are three different styles of writing when it comes to communication via email: Formal This is the style of an old-fashioned letter. Ideas are presented politely
More informationData protection policy
Data protection policy Context and overview Introduction The ASHA Centre needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees
More informationIt applies to personal information for individuals that are external to us such as donors, clients and suppliers (you, your).
Our Privacy Policy 1 Purpose Mission Australia is required by law to comply with the Privacy Act 1988 (Cth) (the Act), including the Australian Privacy Principles (APPs). We take our privacy obligations
More informationPrivacy Notice Q-UK-PO02
1. Scope 1.1. This informs users about the nature, extent, and purpose of the collection and use of personal data by Colt Group Limited and Colt International Limited ( Colt or the Company ). This governs
More information1 Privacy Statement INDEX
INDEX 1 Privacy Statement Mphasis is committed to protecting the personal information of its customers, employees, suppliers, contractors and business associates. Personal information includes data related
More informationNew Graduate Guide to the Online Application Process
New Graduate Guide to the Online Application Process April 2018 Before Getting Started This guide is intended to help recent graduates navigate the online portion of the application process and it is not
More informationPrivacy Notice - General Data Protection Regulation ( GDPR )
THIS PRIVACY NOTICE APPLIES TO ANY PERSON WHO INSTRUCTS AN INDIVIDUAL BARRISTER AT 12 OLD SQUARE CHAMBERS EITHER DIRECTLY OR THROUGH A SOLICITOR OR WHO ASKS THE INDIVIDUAL BARRISTER FOR A REFERENCE Privacy
More informationData Protection Policy
Data Protection Policy Introduction Stewart Watt & Co. is law firm and provides legal advice and assistance to its clients. It is regulated by the Law Society of Scotland. The personal data that Stewart
More informationPRIVACY POLICY BACKGROUND:
PRIVACY POLICY BACKGROUND: SA Designer Parfums Limited understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone
More informationThe isalon GDPR Guide Helping you understand and prepare for the legislation
The isalon GDPR Guide Helping you understand and prepare for the legislation 01522 887200 isalonsoftware.co.uk Read our guide today to help you plan for the new legislation.. The General Data Protection
More informationWebsite Acecore Technologies JL B.V.:
Privacy policy Acecore Technologies JL B.V. B.V. Acecore Technologies JL B.V. (hereafter: Acecore technologies JL B.V.) focusses on the development and shipping of drones in the creative, industrial and
More informationFIRST TIER COMPLAINTS HANDLING GUIDANCE
FIRST TIER COMPLAINTS HANDLING GUIDANCE 1. This guidance applies to all, CILEx Practitioners and CILEx Authorised Entities. If you are a member working in a regulated by another regulator, you will need
More informationBRIDGEWATER SURGERIES. Privacy Notice
BRIDGEWATER SURGERIES Privacy Notice We understand how important it is to keep your personal information safe and secure and we take this very seriously. We have taken steps to make sure your personal
More informationPrivacy Policy. Revisions to this Policy. What Information we collect. How do we collect Information?
Privacy Policy Construction Supply & Service Last Updated May 2014. Construction Supply & Service ABN 16 010 489 326 ("CSS/us/we/our") respects the privacy of individuals. This Policy sets out the way
More informationPRIVACY POLICY. 1. Definitions and Interpretation In this Policy the following terms shall have the following meanings:
PRIVACY POLICY BACKGROUND: Leaman Mattei Limited (LM) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone
More informationSouth Hams Motor Club Our Privacy Policy. How do we collect information from you? What type of information is collected from you?
South Hams Motor Club Our Privacy Policy At South Hams Motor Club (SHMC) we are committed to protecting and preserving the privacy of our customers when attending our events, visiting our website or communicating
More informationGeneral Data. Protection Regulations MAY Martin Chapman Head of Ops & Sales Microminder. Presentation Micro Minder Ltd 2017
General Data Please note: - This legislation is untested and open to interpretation. - I am not a Privacy or Data Protection Solicitor. - Should you have any concerns or queries please seek legal advice
More informationRecruitment Guide for External Applicants
Directorate General Human Resources, Budget and Organisation ECB-PUBLIC Recruitment Guide for External Applicants 19 June 2012 Page 1 Table of Contents 1. Getting Started with SAP e-recruiting 3 1.1 Searching
More informationGeneral Data Protection Regulations (GDPR)
Wrekinsport CC General Data Protection Regulations (GDPR) The GDPR legislation comes in to force across the EU from the 25 th May 2018. From this time, organisations across the EU need to be working towards
More informationData Subject Access Request
Data Subject Access Request DATA PROTECTION ACT 1998 Version: 10.0 Approval Status: Approved Document Owner: Graham Feek Classification: Internal Review Date: 03/07/2017 Effective from: 1 July 2015 Table
More informationPrivacy Policy. Full name and contact details (including your contact number, and postal address).
01326 270212 sales@htiddy.co.uk www.htiddy.co.uk Privacy Policy This privacy notice sets out how we will process personal data we collect from or about you, or which you provide to us. Please read this
More informationGDPR Compliance. Clauses
1 Clauses GDPR The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). It became enforceable from May 25 2018. The
More informationDe Montfort Students Union Student Data Privacy Statement
De Montfort Students Union Student Data Privacy Statement Introduction De Montfort Students Union (DSU) promises to respect any personal data you share with us, or that we get from other organisations
More informationPrivacy and Data Protection Policy
Privacy and Data Protection Policy Introduction 1. The Ripple Pond is committed to ensuring the secure and safe management of personal data held by the Charity in relation to Beneficiaries, Staff, Trustees,
More informationPrivacy Notices under #GDPR: Have you noticed my notice?
Privacy Notices under #GDPR: Have you noticed my notice? As you all know by now the General Data Protection Regulation (GDPR) is here and it is (as predicted) starting to get various people fired up ready
More informationTerms & Conditions. Privacy, Health & Copyright Policy
1. PRIVACY Introduction Terms & Conditions Privacy, Health & Copyright Policy When you access our internet web site you agree to these terms and conditions. Bupa Wellness Pty Ltd ABN 67 145 612 951 ("Bupa
More informationToucan Telemarketing Ltd.
Toucan Telemarketing Ltd. GDPR Data Protection Policy Introduction Toucan Telemarketing is committed to protecting the rights and freedoms of data subjects and safely and securely processing their data
More informationPrivacy Notice for firstdirect.com
Privacy Notice for firstdirect.com Your privacy Your privacy is important to us. This notice (Privacy Notice) applies to personal information we collect from you when you use this site. If you re an HSBC
More informationBadminton England - Data protection Guidance for clubs and counties.
Badminton England - Data protection Guidance for clubs and counties. This leaflet is intended to provide general guidance for clubs and counties with respect to data protection. It does not however capture
More informationNHS Education for Scotland Portal https://www.portal.scot.nhs.uk Dental Audit: A user guide from application to completion
Dental Audit: A user guide from application to completion 1. Audit Guidance 2. New Application: Getting Started 3. New Application: The Audit Application Form 4. New Application: Submitting Your Application
More informationThe GDPR: what it is and what it means for Freelance Dietitians
The GDPR: what it is and what it means for Freelance Dietitians Nan Millette, MEd, RD Panellists: Mariette Abrahams Rebecca McManamon Tracey Clarke Overview Disclaimer What is GDPR? BDA Data Protection
More informationPrivacy Policy Inhouse Manager Ltd
Privacy Policy Inhouse Manager Ltd April 2018 This privacy statement is designed to tell you about our practices regarding the collection, use and disclosure of information held by Inhouse Manager Ltd.
More informationGDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY. A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018
GDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY 25 2018 A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018 A 7-step practical guide to achieving and maintaining
More informationCognizant Careers Portal Privacy Policy ( Policy )
Cognizant Careers Portal Privacy Policy ( Policy ) Date: 22 March 2017 Introduction This Careers Portal Privacy Policy ("Policy") applies to the Careers portal on the Cognizant website accessed via www.cognizant.com/careers
More information