General Data Protection Regulation (GDPR)
On 25th May 2018 the General Data Protection Regulation (GDPR) came into effect in the UK. This replaces the Data Protection Act 1998, and improves the protection of personal data, enhancing the duties of those controlling and processing it.
It sets out more clearly the rights of the data subject (i.e. the person to whom the data refers) and places responsibility on the organisation controlling personal data to state plainly why, how, where, and for how long the data is processed. In addition, data controllers must now establish their legal basis for collecting and processing personal data.
RCAHMW is committed to following good practice in the use of personal data, and to protecting data subjects’ rights. To ensure compliance with GDPR, we have updated our Data Protection Policy, and produced a public Privacy Notice, which sets out the types of personal data that we control and process, why we need this, what we do with it, and how long we keep it. It also makes clear data subjects’ rights, and who to contact in the event of personal data enquiries or complaints.
RCAHMW Privacy Notice
06/04/2018