General Data Protection Regulations Briefing (the presentation you've all been waiting for)


Item 6 General Data Protection Regulations Briefing (the presentation you've all been waiting for)

Current law
Data Protection Act 1998
Defines how an individual's personal data may be held lawfully by organisations
Set out 8 principles for processing of data
Created a regulatory authority for data protection - Information Commissioner's Office (ICO)

Key terms
Personal Data - records which relate to a living individual e.g. name
Sensitive Personal Data - criminal, health, political, race, religion, trade union membership
Processing - anything done with personal data
Data Subject - individual e.g. you
Data Controller - the organisation or body who controls data processing
Data Processor - a third party who processes data on behalf of a Data Controller

6 legal bases for processing data
Data Subject consent
Necessary for contractual obligation with Data Subject
Necessary for legal obligation other than contract
Necessary for vital interests of the Data Subject
Necessary for functions of public bodies
Necessary in the legitimate interests of Controller, balanced by consideration, on a case-by-case basis, of any overriding legitimate interests of the Data Subject

8 principles
1. Processed fairly and lawfully
2. Processed only for specified and lawful purpose(s)
3. Adequate, relevant and not excessive re the purpose
4. Accurate and, where necessary, kept up-to-date
5. Not kept longer than necessary for the purpose
6. In accordance with Data Subjects' rights
7. Kept secure by technical/organisational means
8. Transferred outside EEA only if privacy protected

New law - GDPR
Legal bases and 8 Principles remain
More personal data (numbers, IP addresses)
More sensitive personal data (biometric ID, sexual orientation)
Enforcement more stringent
Applies to Church as with any organisation

DPA vs GDPR
Accountability - no longer simply about stating compliance, now must show how you are compliant
Policies and procedures will be of greater importance
Greater emphasis on transparency - right to be informed - Fair Processing Notice

DPA vs GDPR
Consent must be affirmative and evidenced - silence, inactivity and assumed consent are not consent. Must also be easy to withdraw and can only be refused if there is a legal basis to continue processing
Right of erasure (aka right to be forgotten)
Rights to restrict and object to data processing

DPA vs GDPR
Subject Access Requests - no fee and shorter time for response
Data breach, e.g. loss of data, must be reported to ICO within 72 hours of discovery
Much larger fines - max 10 m or 20 m

What do we do?
Don't panic
Do an audit of data processing
Remember Incumbents are separate data controllers to the PCC
Guidance from National Church very useful: http://www.parishresources.org.uk/gdpr/

National guidance
Detailed guidance note, for lead
Summary guidance note, for PCCs
A checklist
A template for an audit
Guidance and sample forms for obtaining consent
Guidance on writing Privacy Notices and some templates

ICO website
https://ico.org.uk/for-organisations/data-protectionreform/
12 steps to take now
Checklist

Training events
Training events being arranged
Two sessions (afternoon and evening) per Episcopal Area
Watch out for booking invite