General Data Protection Regulation (GDPR) Compliance
The General Data Protection Regulation (the GDPR) forms a core part of European Union (EU) data protection laws.
On 25 May 2018, the GDPR replaces the existing EU data protection directive known as Directive 95/46/EC (the Directive). In the UK, the Directive was made part of UK law through the Data Protection Act 1998 (the DPA). The GDPR will therefore replace the DPA also. There will not be a grace period for compliance because the GDPR was adopted and published in April 2016.
The GDPR imposes rules on persons, companies, government agencies, non-profits and other organisations that process personal data. These rules set out, amongst other things, how personal data may be obtained, used, stored and deleted.
The GDPR has a broad scope and applies to Essential Ponds as an organisation that processes personal data. Broadly speaking, the term "personal data" means any information that can be used on its own or in conjunction with other data to identify a living individual (e.g. names, physical addresses, email addresses and much more). The term "processing" is broadly defined and can include collection, use and deletion of personal data.
Essential Ponds and its compliance with the GDPR
Essential Ponds has actively taken steps to comply with the GDPR. We have reviewed (and updated where necessary) our internal processes, procedures and documentation. We have amongst other things:
We also have a series of GDPR Policies and Statements for internal company use and not intended for publication, but that are available upon request if such is a request is both reasonable and lawful.
You can find more information on our terms and conditions and policies on the links below.
This page was last updated on 04/08/2018