Home

Adavista logo

GDPR, DATA PROTECTION ACT 2018, FREEDOM OF INFORMATION ACT 2000 – ADAVISTA CAN GUIDE YOU THROUGH IT

WELCOME TO ADAVISTA

Specialists in implementing and/or utilising:

  • Data Protection Act 2018
  • General Data Protection Regulation (GDPR) (Abridged)
  • Freedom of Information Act 2000

The Information Commissioners Office (ICO) is the supervisory authority for Data Protection in the United Kingdom and for Freedom of Information in England and Wales.

On 25th May 2018 new data protection legislation was implemented across the UK.

Four letters – G D P R – have been striking terror into people in the business world for quite a while as there have been many myths circulating. This has caused much confusion.

This has been so great that people have not realised that there is a second piece of legislation that came into effect on the same day as the abridged version of GDPR.  This is the Data Protection Act 2018  which sits alongside the GDPR and should be implemented at the same time.

SO WHAT CAN WE DO FOR YOU?

  • Firstly we suggest a consultation. One of the legal requirements of GDPR is ‘Data Protection by design and by default’. We write a Data Audit Report based on our site visit or over the phone consultation
  • Produce straightforward, concise documentation to reflect your organisation’s activities whilst meeting the ICO Guidance requirements
  • Produce the requisite Privacy Notices, again following the ICO guidance requirements. These too, are concise and in plain language
  • Help individuals put forward ‘Subject Access Requests’ (SAR) to obtain copies of personal data held on them
  • Advise organisations on how to respond if they receive a ‘Subject Access Request’ (SAR)
  • Staff training can be provided with formal courses/presentations or informal handouts

WHATS NEW?

  • DATA PROTECTION BY DESIGN AND BY DEFAULT – not exactly new but it is best practice under DPA but a legal requirement under GDPR. “I have found a privacy notice on someone else’s site and amended that” does not make you compliant under GDPR – it has to fit and be able to demonstrate that it fits your business.
  • ACCOUNTABILITY – now be “officially” transparent about how you process personal information by having the appropriate documentation in place.
  • PRIVACY NOTICES – what was originally called the Privacy Policy on websites. – now requires additional information to be included.

WHAT DOCUMENTS NEED NOTICES/DISCLAIMERS?

  • A Privacy Notice is required regardless of whether or not you have a website
  • Email disclaimer
  • Electronic or paper forms may require disclaimers
  • Terms & Conditions, Contracts and Service Level Agreements may need some terminology

Effectively we give you a piece of text to add to your existing documents, except the Privacy Notice, which REPLACES your old Privacy Policy

TOO MUCH TO THINK ABOUT?

So let us do the thinking for you and take on the responsibility.

NEXT STEPS…

Phone or email to see how We can help you