Introduction to Changes of GDPR
From the 25th May 2018 the law is changing and the new General Data Protection Register (GDPR) will become law. As an organisation that gathers and uses data (information) we are required to review our data handling and related procedures.
This introduction outlines the key changes brought about by this legal change.
In principle, with regards to data collection, we are now required to carefully consider:
- What data we need from you
- Why we need it
- What we will do with it
- Where it will be stored
- Who we may share it with, and why
- How will we dispose (get rid of) the data
- How long we will keep it
As well as telling you all these things, we are also required to tell you how you can view the data, request changes or deletions and what we will do in the case of a data breach.
The new law states that you have 9 rights in relation to the data we hold. These are:
- The right to see any data we keep on record
- The right to request changes where errors exist
- The right to request that something is removed from the records/data
- The right to request that information is not used in any way other than originally intended
- The right to have your data used by somebody else (transferred)
- The right to object to data being used for marketing or other commercial purposes
- The right for your data to be used for your education only
- The right to complain about how the data has been gathered and used by the college
- The right to compensation if damages have occurred as a result of our data handling