The EU General Data Protection Regulation (GDPR) replaces the 1995 EU Data Protection Directive and comes into force on the 25th May 2018.
The GDPR strengthens the rights that individuals have regarding personal data relating to them and seeks to unify data protection laws across Europe, regardless of where that data is processed.
We will assist our members with GDPR compliance by providing robust privacy and security protections which have mostly already been built into our services and contracts over the years.
Canterbury Umbrella Centre are responsible for implementing appropriate technical and organisational measures to ensure and demonstrate that any data processing is performed in compliance with the GDPR. Data Controllers’ obligations relate to principles such as lawfulness, fairness and transparency, purpose limitation, data minimisation, and accuracy, as well as fulfilling the rights of “Data Subjects” with respect to their data.
Canterbury Umbrellas commitments to the GDPR
Among other things, Data Controllers are required to only use Data Processors that provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR.
According to the GDPR, the Data Controller and the Data Processor must implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
At Canterbury Umbrella we have the expert knowledge, reliability and resources to fulfil our obligations as Data Processors
Our premises and network have proven security/defence systems for both their physical infrastructure and data processing environment.
Canterbury Umbrella does not transmit or keep any personal data online. Personal data is kept in a locked drawer and will not be held for longer than reasonable. Members are entitled to ask to see their personal data and must be reminded that all membership forms include a consent declaration. If a member wishes to terminate their membership and makes this known their data will not be kept for any longer than reasonable necessary (Umbrella aims to remove this data within 3 months).