top of page

Personal Data


GDPR – is your business ready for May 2018?

The General Data Protection Regulation (GDPR) comes into force on 26th May, 2018. It replaces the Data Protection Act (DPA). Companies that fail to comply with the new rules will face much tougher punishments, regardless of the size of the company. These rules relate to storing and handling personal data.

GDPR requires all employers to provide employees (and job applicants) with an information notice, aka a privacy notice aka a fair processing notice. This sets out specified information about the processing of their personal data.

A privacy notice must include a lot of information, including:

  • the identity and contact details of the employer as the data controller;

  • the purposes for which the data will be processed and the legal basis for processing;

  • the period for which the data will be stored, or if it is not possible to specify the retention period, the criteria used to determine the period;

  • the employees’ rights to request access to, rectification or erasure of data; to request restriction of processing; or to object to processing;

  • where the legal basis for processing is consent, the right to withdraw consent at any time;

  • the right to lodge a complaint with the supervisory authority;

For further information on GDPR or any other matter relating to Human Resources, contact Nichola Coulthard on 07946 541606

Coulthard Human Resources helping businesses become amazing employers

Recent Posts
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page