GDPR and Data Protection

General Data Protection Regulation and Data Protection

The General Data Protection Regulation (GDPR) becomes applicable on 25th May 2018. 

The principles of GDPR state that data should be:

 - Processed lawfully, fairly and in a transparent manner

 - Collected for specified, explicit and legitimate purposes

 - Adequate, relevant and limited to what is necessary

 - Accurate and, where necessary, kept up to date

 - Retained only for as long as necessary

 - Processed in an appropriate manner to maintain security

The CILEx Group Policy also sets out how we will deal with subject access requests, and how individuals are entitled to access their personal data held by the Group, or any of the individual organisations within it.