Data protection is becoming an increasingly important issue for voluntary and community organisations as people become more aware of the need to handle information properly and the financial and reputational risks of getting it wrong. This section will provide news and practical resources you can use relating to data protection.
Subject Access Requests are made by a person whose data you process to a request a copy of their own information. You need to have procedures in place to be able to identify and respond to these requests within one month.
Whatever security measures you might have in place, you can never be 100% safe from a breach. A breach could lead to an investigation from the regulator, resulting in potential enforcement action against your organisation. Being prepared is essential.
Privacy notices help the people who you process personal data about understand why and what you do with their information. The GDPR specifies what must be included and how they should be written.
Our guidance addresses some common themes for data protection in the voluntary and community sector. We've created some templates as a starting point for you to work with.
It is a legal requirement of the General Data Protection Regulation (GDPR) to keep a clear record of your processing activities. This resource explains what to do and provides templates for you to get started.
A number of common scenarios and questions that we have received on GDPR and data protection.