|
|
|
General Data Protection Regulation (GDPR):
|
A new data privacy law called the General Data Protection Regulation (GDPR) comes into force on 25 May 2018.
The purpose of the GDPR and a new Data Protection Act is to update data privacy laws which in large part have not changed for 20 years. The Information Commissioner's Office (the ICO), which oversees compliance in the UK, sees this as an evolution of the current data protection laws with greater transparency, enhanced rights for citizens and increased accountability.
There are six key principles under the GDPR which govern how we must deal with individuals' personal information:
We must process your data lawfully, fairly and in a transparent manner
We must only use your data for specific and lawful reasons
We must make sure that the data we collect from you is adequate, relevant and limited to what is necessary
We must make sure that the data we hold about you is accurate and up to date
We must make sure that we only keep data about you for as long as is necessary
We must make sure that your data is kept securely.
As the ICO says, the 25th May is just the starting point for these major changes and the ARA is committed to continue working to achieve best practice in these areas.
Please click here for an ARA Contact Preferences Form (word doc)
Please click here for an ARA Contact Preferences Form (pdf)
Please click here for the ARA Data Protection Policy (pdf)
Please click here for the ARA Freedom of Information form 2018 (word doc)
Please click here for the ARA Freedom of Information form 2018 (pdf)
Please click here for the ARA Subject Request form 2018 (word doc)
Please click here for the ARA Subject Request form 2018 (pdf)
|
|
|
