Lymington Directory 1 June/July 2018
Community magazine
Community magazine
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
WHAT 0N EARTH IS GDPR?<br />
You may have heard about the General<br />
Data Protection Regulations which are just<br />
become law but may not have any idea<br />
what it means for regular people. You’re<br />
not alone. To fully explain GDPR would<br />
take more space than I have here, but I<br />
hope to give you an idea of how it affects<br />
you.<br />
The reasoning behind GDPR is that<br />
businesses have been playing fast and<br />
loose with our personal information,<br />
without too much in the way of risk to<br />
themselves. For large companies, a fine of<br />
£500,000 isn’t really a deterrent. £17m or<br />
4% of annual turnover, whichever is<br />
higher, hurts a bit more.<br />
But it’s not just about what happens when<br />
things go wrong. GDPR also gives the little<br />
man the right to know what information a<br />
company is holding about them, how long<br />
they intend to hold it, what justification<br />
they have to do so and the right to have<br />
the information completely destroyed.<br />
If there is a valid legal reason, such as part<br />
of a contract, then there is no right to be<br />
forgotten. But otherwise companies have<br />
to comply with removal requests within a<br />
reasonable timescale and can be reported<br />
to the Information Commissioners Office,<br />
who have much more power now, if they<br />
don’t.<br />
Companies also have to publicly publish<br />
how they deal with your personal information<br />
and how long they intend to hold<br />
on to it. They also have to say how<br />
individuals can contact them with queries<br />
or requests specifically relating to personal<br />
data.<br />
These details are commonly linked to on<br />
company websites, so look for links to<br />
things like Personal Data Protection Policy,<br />
Data Retention Policy or Data Privacy<br />
Notice at the bottom of website pages, or<br />
in their legal sections.<br />
Most importantly, they cannot keep your<br />
information without your consent if they<br />
have no other reason to keep it. There is<br />
something called ‘Legitimate Interest’ as<br />
well as legal contracts which allow data<br />
retention, but companies can only use<br />
your data for the use they are claiming<br />
legitimate interest. They can’t for instance<br />
add you to their email list as well if they<br />
don’t have your explicit consent to do so.<br />
Companies have to renew any consent you<br />
give on a regular basis and if they ask you,<br />
and you don’t reply, they have to remove<br />
you from their records. See<br />
www.ico.org.uk for more information.<br />
Please mention The <strong>Lymington</strong> <strong>Directory</strong> when responding to advertisements<br />
37