General Data Protection Regulation and Data Protection
The General Data Protection Regulation (GDPR) becomes applicable on 25th May 2018.
The principles of GDPR state that data should be:
- Processed lawfully, fairly and in a transparent manner
- Collected for specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary
- Accurate and, where necessary, kept up to date
- Retained only for as long as necessary
- Processed in an appropriate manner to maintain security
The CILEx Group Policy also sets out how we will deal with subject
access requests, and how individuals are entitled to access their personal data
held by the Group, or any of the individual organisations within it.