GDPR

It is essential that all organisations have a Data Protection Policy which details how they are protecting data in accordance with the law.

GDPR stands for General Data Protection Regulation. The GDPR went into effect in 2018 and protects individuals’ personal data.

Click here for advice from NCVO on how to create a Data Protection Policy. Note that GDPR laws are regularly updated and it is your group’s responsibility to be informed of any changes. https://www.ncvo.org.uk/help-and-guidance/digital-technology/data-protection-and-cybersecurity/gdpr-data-protection-law-brexit-and-how-keep-top-your-responsibilities/writing-data-protection-policy-and-procedures/

A PRIVACY NOTICE is a public document explaining to any users or members how you their data is managed. Follow this link to the Information Commissioners Office to create your Privacy notice. https://ico.org.uk/for-organisations/advice-for-small-organisations/create-your-own-privacy-notice/

More information and examples of policy templates can be found here or speak to the Community Development Team for further support:

• https://www.charityexcellence.co.uk/free-uk-charity-policy-templates/
• https://www.resourcecentre.org.uk/information/data-protection-for-community-groups/
• https://ico.org.uk/