The General data protection regulation came into force in May 2018 in the UK. The regulation is one of the biggest changes to the data protection laws and all businesses must be prepared.
What is GDPR?
GDPR is Europe’s new framework for the data protection laws and now replaces the previous 1995 data protection directive. GDPR has been designed to harmonize data protection laws and to give an overall greater protection and rights to businesses and customers of the public.
Will GDPR affect my business?
Under the GDPR’s “personal data”, it is defined any information related to a natural person or data subject that can be used directly or indirectly to identify them, for example having the following information can put anyone at risk,
– their name
– a photograph of them
– their email or postal address
– medical information
The GDPR applies if the data controller ( i.e. the business or organisation that collects data) or the data processor (i.e. the business or organisation that processes data for the controller) or the data subject (person who the data refers) is based in the EU. Even if a controller or processor is based out side of the EU, the GDPR will still apply if they’re collecting or processing data relating to people who live in the EU. Under the GDPR controllers must ensure that personal data is processed lawfully, transparently and for a specific purpose, after which – if the data is no longer required – it must be deleted. The GDPR will apply to all business that store and process the personal data of data subjects living in the EU. So, UK companies collecting or processing personal data must comply with the GDPR, because the UK will not leave the EU until after May 2018. And according to the ICO: “The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.” Even after the UK leaves the EU, UK firms collecting or processing the personal data of people living in the EU will have to comply with the GDPR.
Rights to be forgotten?
Green Plan-IT doesn’t hold any Personal information for longer than necessary and we use only for the purpose it was originally collected for.
We here at Green Plan-it provides secure destruction services for paper documents, hard drives and electronic media, and issues a Certificate of Destruction after every shred.
What information does Green Plan-it Collect?
Green Plan-it collects names, addresses, telephone numbers and any additional information required to carry out their business. The information shall be retained on agreements, email or verbally.
What we use your information for?
The information collected is only ever used for the purpose of completing the work requested at that time or work completed in the future.
Where does Green Plan-IT store the information and how secure is it?
All information retained by Green Plan-it LTD is stored securely at our head office depot in Leicestershire. We aim to make sure we are fully compliant with GDPR standard.
All of our staff at Green Plan-It are fully up to date with the GDPR standards of work and go through in house training to keep refreshed on all requirements.