General Data Protection Policy

You are here: Purpose of the policy and background to the General Data Protection Regulation
Identifying the roles and minimising risk
Data breaches
Privacy Notices
Information Audit
Individuals’ Rights
Children
Summary

Purpose of the policy and background to the General Data Protection Regulation

The purpose of this policy is to provide an explanation to Councillors, staff and the public about GDPR.

Personal data must be processed lawfully, fairly and transparently; collected for specified, explicit and legitimate purposes; be adequate, relevant and limited to what is necessary for processing; be accurate and kept up to date; be kept only for as long as is necessary for processing and be processed in a manner that ensures its security.

This policy updates any previous data protection policy and procedures to include the additional requirements of GDPR which apply in the UK from May 2018. The Government have confirmed that despite the UK leaving the EU, GDPR will still be a legal requirement. This policy explains the duties and responsibilities of the council and it identifies the means by which the council will meet its obligations.

Previous page You are on the first page
Next page Identifying the roles and minimising risk