Guide to General Data Protection Regulation (GDPR)
GDPR is data protection legislation that applies to all European Union countries and the UK. The law came into force on 25 May 2018.
In this guide we explain how GDPR applies to voluntary organisations and what you need to know about the legislation to ensure your organisation complies with the rules.
With the rise of the Information Age, each of us creates large volumes of personal data through our online activities. GDPR was brought in to provide greater rights and protections against individuals, companies, corporations and governments that might otherwise use personal data in harmful ways.
The Information Commissioner’s Office (ICO) is the regulatory body responsible for enforcing GDPR and is the main authority for information about data protection and security in the UK.
If you would like to know more about the impact GDPR has on your organisation, either get in touch for a conversation or fill in our form to request support from us.
The ICO defines personal data as ‘information that relates to an identified or identifiable individual.’ Types of personal information range from name and birth date to an IP address, cookies and any other information that can be used to identify an individual.
In brief, GDPR enforces four data protection rights:
The penalties for breaching GDPR are serious and can result in hefty fines meted out by the ICO.
Read more about how GDPR breaches and fines can impact organisations at Charity Digital.
We have put together some practical guidance on GDPR with three exercises and help with drafting a privacy policy. Download these documents here:
NCVO published an interesting blog post about their interpretation of the ICO’s guidance and how useful they think it is for voluntary organisations.
Guide to the UK General Data Protection Regulation (UK GDPR)