RHA Memebr
0800 151 3361
Email Us
[ultimate_spacer height=”22″ height_on_tabs=”50″ height_on_tabs_portrait=”50″ height_on_mob_landscape=”50″ height_on_mob=”50″]

What You Need to Know: General Data Protection Regulation


WHAT IS GDPR?
It stands for General Data Protection Regulation and is the new framework for data protection law in Europe. It replaces current data protection laws in the European Union. The UK Data Protection Act 2018 is the UK’s implementation of the GDPR.

WHEN?
The GDPR commenced in the UK 25th May 2018.

DOES IT APPLY TO ME?
The Information Commissioner’s Office states:

‘The GDPR applies to ‘controllers’ and ‘processors’. The definitions are broadly the same as under the DPA – ie: the controller says how and why personal data is processed and the processor acts on the controller’s behalf. If you are currently subject to the DPA, it is likely that you are also subject to the GDPR.

If you are a processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities. You will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR.

However, if you are a controller, you are not relieved of your obligations where a processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR.

The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.

The GDPR does not apply to certain activities including processing covered by the Law Enforcement Directive, processing for national security purposes and processing carried out by individuals purely for personal/household activities.’

WHAT INFORMATION DOES GDPR APPLY TO?
Both personal data and sensitive personal data are covered by the GDPR. The ICO website gives a definition of the two here.

WHAT DOES IT MEAN FOR ME AS AN INDIVIDUAL?
The GDPR gives greater control to individuals over their personal data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by organisations and businesses.

WHAT DOES IT MEAN FOR MY BUSINESS?
In short, the General Data Protection Regulation increases the obligations and responsibilities for organisations and businesses in how they collect, use and protect personal data. The new law requires organisations and businesses to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities.

WHAT ABOUT BREXIT?
The Information Commissioner’s Office states on its website that the government has confirmed that the UK’s decision to leave the EU has not affected the commencement of the GDPR.

The new UK Data Protection Act 2018 (DPA) is the UK’s implementation of the GDPR and commenced in line with the GDPR on 25thMay 2018.

For more information on the Data Protection Act 2018 follow the guidance here;

https://www.gov.uk/data-protection

For up to date information on a no Brexit deal follow the guidance here:

https://ico.org.uk/for-organisations/data-protection-and-brexit/

[ultimate_spacer height=”2″ height_on_tabs=”2″ height_on_tabs_portrait=”2″ height_on_mob_landscape=”0″ height_on_mob=”0″]

Upload your rates bill to see if you can save.



    [ultimate_spacer height=”50″]
    Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now - ico.
    [ultimate_spacer height=”10″]

    Download the 12 steps to prepare for GDPR guide by the ico.

    [ultimate_spacer height=”50″]
    European Union Regulations
    [ultimate_spacer height=”10″]

    Download the new European Union Regulations

    WHAT ARE THE MAIN CHANGES I NEED TO KNOW ABOUT?

    Individuals:

    The GDPR gives individuals significantly strengthened rights to:

    • obtain details about how their data is processed by an organisation or business;
    • obtain copies of personal data that an organisation holds on them;
    • have incorrect or incomplete data corrected;
    • have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data;
    • obtain their data from an organisation and to have that data transmitted to another organisation (Data Portability);
    • object to the processing of their data by an organisation in certain circumstances;
    • not to be subject to (with some exceptions) automated decision making, including profiling.

    Organisations & Businesses:

    Organisations and businesses collecting and processing personal data have to meet GDPR requirements and very high standards in how they collect, use and protect data.

    They must always be fully transparent to individuals about how they are using and safeguarding personal data, including by providing this information in easily accessible, concise, easy to understand and clear language.

    For organisations and businesses who breach the law, the Data Protection Commissioner has been given more robust powers to impose very substantial sanctions including the power to impose fines. Under the new law, the DPC is able to fine organisations up to €20 million (or 4% of total global turnover) for the most serious infringements.

    The GDPR also permits individuals to seek compensation through the courts for breaches of their data privacy rights, including in circumstances where no material damage or financial loss has been suffered.

    WHAT DO I DO NOW?

    Unsure of the steps to take to ensure your organisation or business is GDPR compliant?

    The ICO has created a Data Protection Self Assessment toolkit page to assist you in ensuring you are GDPR compliant.

    The Self Assessment toolkit page is available here;

     https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/

    For more information and help see ico.org.uk

     

    [ultimate_spacer height=”10″ height_on_tabs=”50″ height_on_tabs_portrait=”50″ height_on_mob_landscape=”25″ height_on_mob=”25″]
    Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now - ico.
    [ultimate_spacer height=”10″]

    Download the 12 steps to prepare for GDPR guide by the ico.

    European Union Regulations
    [ultimate_spacer height=”10″]

    Download the new European Union Regulations

    Business Rates Relief

    Every year, thousands of companies fail to claim the business rates relief they are entitled to. Caritas can assist your company to ensure you fully benefit from all available reliefs.

    FIND OUT MORE
    [ultimate_spacer height=”50″ height_on_tabs=”50″ height_on_tabs_portrait=”50″ height_on_mob_landscape=”0″ height_on_mob=”0″]

    Charities

    We help charities recover overpayments on business rates and council tax liabilities. Our experts work on a ‘no win no fee’ basis to claim back overpayments & reduce ongoing costs.

    FIND OUT MORE
    [ultimate_spacer height=”50″ height_on_tabs=”50″ height_on_tabs_portrait=”50″ height_on_mob_landscape=”0″ height_on_mob=”0″]

    Empty Property Relief

    Vacant commercial properties place a financial burden on ratepayers who are paying full rates on an unoccupied property. Most ratepayers are overpaying on their empty properties.

    FIND OUT MORE
    [ultimate_spacer height=”50″ height_on_tabs=”50″ height_on_tabs_portrait=”50″ height_on_mob_landscape=”0″ height_on_mob=”0″]

    Want to discuss how we can help you?
    Get in touch with our team of consultants.

    GET IN TOUCH