Data Protection: The new General Data Protection Regulations (GDPR)
What is the GDPR?
GDPR is a new set of regulations that replace the previous Data Protection Act. The regulations came into force on the 25 May 2018 and place a greater responsibility on all organisations, including The Bridal Boutique, to ensure your personal data is secure, accurate and up-to date.
Access to information
Everyone will now have much greater access to the personal data that an organisation holds on them and will be legally allowed to view the data by making a Subject Access Request. Incorrect or incomplete data must also be rectified upon request. There is also a right to demand that your data is deleted if it’s no longer necessary to the purpose for which it was collected. This is known as the “right to be forgotten”.
Organisations must ensure they provide a lawful basis for processing all types of personal data that they have sought specific consent to use. The GDPR requires that controllers and processors must be transparent about how they collect data, what they do with it, and how they process it, and must be clear in explaining these things to you.
- What personal data we collect
- Why we collect it
- Who we share it with and why
- How we store it
GDPR will enforce stricter rules upon organisations to ensure that they are taking all reasonable measures to guard against data theft, loss, or other breach. And if there is a breach of your data we must let you, and the Information Commissioner’s Office know at the earliest opportunity.
You can visit the Information Commissioners Office (ICO) website for further information at https://ico.org.uk/for-the-public/
Exercise your rights under GDPR
Send your GDPR request via the form below.
Your request will be sent to the Data Protection Officer.