The General Data Protection Regulation is a timely piece of European legislation that comes into force on 25 May. The premise is that consumers are in charge of their personal data and the consent to use personal data is much more onerous
All breaches will need to be reported to the Information Commissioner’s Office within 72 hours (unless the breach is unlikely to result in a risk to the data subject) and there are fines.
Data protection must now be at the heart of decision making within organisations which need to be transparent with individuals about what they are using their data for, how it might be shared, the legal basis for processing their data, and how long it will be kept.
Individuals have the rights to complain about the way in which their data is handled, to be ‘forgotten’, to withdraw consent and to have access to their own information.
We have introduced a Privacy Notice for residents and applicants which tell them what data we collect, why we collect it and who we might share it with (and this is essentially limited to contractors who carry out work in your home, government departments and agencies, our regulator and auditors, with utility companies or with other organisations and agencies where we are legally allowed to do so). The Privacy Notice can be found on our website.
We have appointed Heidi as our Data Protection Officer