Tel: 01689 887887
General Data Protection Regulation (GDPR)
With less than a month to go until GDPR comes into force, have you taken the necessary steps towards becoming GDPR compliant? Failure to comply may result in a fine from the Information Commissioner’s Office (ICO).
The first step to take in order to comply with GDPR is to carry out a “data mapping” exercise (a data audit) to establish the following:
- What data your organisation holds?
- Where it came from?
- How it is used?
- What legal basis under GDPR applies to its use?
- Where it is stored?
- Whether adequate measures are in place to protect the data?
- and how long it will be kept?
If you need assistance, CWJ are able to help with the following:
- Advice on updating data privacy notices
You will need to inform employees, job applicants and leavers about the data you are holding.
- Contract and policy review
This will include updating the employment contract and preparing a GDPR compliant data protection policy.
- Updating privacy policies
This will need to be updated to inform your customers of the purposes for which their data is used and their rights under GDPR.
- Contract reviews
There is a need to review contracts with your suppliers and ensure there are provisions about how data will be handled and shared.
- Data protection policies
We are able to provide advice in relation to your use of data for marketing purposes.