GDPR (General Data Protection Regulations) is a comprehensive series of regulations, systems, rights and principles that protects the personal data of every EU and UK citizen and is enshrined in UK law. The GDPR legislation furthers the Data Protection Act and provides citizens with a number of rights over the data that the parish council holds on them.
Key points include:
- Any person can request to see all the details that we hold on them.
- Any person can request that we delete all the personal data that is held by us.
- We need to state a valid reason when gathering and processing personal data.
- We need to ask for consent when we gather personal data
- We need to provide people with a way of withdrawing that consent at any time.
- We need to take precautions to protect personal data that we have gathered
The council have nominated a councillor, Cllr John Harding, to be the Data Protection Officer of the council. Any parishioner would like to exercise the above rights, should write to the Data Protection Officer or the Clerk of the Council setting out their request.