GDPR: General Data Protection Regulation

On 25 May 2018 most processing of personal data by organisations will have to comply with the General Data Protection Regulation (GDPR).

The new GDPR legislation intends to make data protection laws consistent across EU nations and to implement more contemporary legislation, with many existing laws insufficient to protect against data usage on social media and the volumes of data now available to organisations

Your organisation should already be compliant with the existing Data Protection Act 1998 legislation and the GDPR builds on this. ‘This is evolution not revolution’.

For UK GDPR guidance and resources please refer to ICO here: UK GDPR guidance and resources | ICO

For free ICO training videos covering 6 modules, you can access that here: Training videos | ICO

Below are some resources to give you some guidance:

Community Action Suffolk

• Community Action Suffolk introduction

The Information Commissioner’s Office (ICO)

•  How to write a Privacy Notice
•  Data Protection self-assessment toolkit
• a guide to the GDPR
• Getting ready for GDPR Data protection self assessment toolkit

Charity Commission
 GDPR guidance from the Charity Commission (4 May 2018)

National Cyber Security Centre

• Small Charity Guide

Charity Finance Group

• Free guide to GDPR

Fundraising Regulator

• GDPR and Charitable Fundraising – Guidance Briefings