In 2018 the General Data Protection Regulations (GDPR) replaced the Data Protection Act (DPA 1998). Brexit has not made a material difference to the regulations.
While the GDPR contains all the same principles as the DPA, there are some additional requirements, in particular regarding the need to obtain proper consent to retain personal information about a living individual. In addition the regulations increase the rights of an individual in respect of how their data is kept and includes the right to be “forgotten”. Read more on the differences here
You will be able to get a good overview of the GDPR requirements by reading the documents on this page. The templates at the end – particularly the Audit Form, the Privacy Notice and the Consent Form – will help make your parish compliant to the GDPR requirements.
Explore these pages for more:
- The Eight Rights of Individuals under GDPR
- The Six Lawful Bases under GDPR
- GDPR terms and what they mean
- GDPR FAQs
Parish Buying has negotiated discounted rates on GDPR training with provider Me Training. Each course costs just £10 and there are five levels, ranging from Basic to Advanced. You can book through Parish Buying by following this link. (Free registration is needed.)
You might find these templates useful for your GDPR admin:
- Privacy Notice
- Retention Policy
- Audit Form
- Consent Form
- Churches’ CCTV Policy template and the accompanying Guidance for churches which have a camera surveillance system installed