Back to Top

LONDON & HOME COUNTIES ALLIANCE GDPR

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018 and applies to all organisations that process ‘personal data’ within the EU. Whilst it is an EU bill it is important to note that the legislation will come into effect before the UK leaves the EU, so for a period of time will have direct effect in the UK. Additionally, legislation is currently drafted which will result in a version of the GDPR being incorporated into UK law. As such, irrespective of Brexit, GDPR, or its UK equivalent will continue to apply post the UK leaving the EU.

LHCA has ensured compliance with the GDPR’s data protection requirements in respect of personal data. In short, those requirements provide that data are:

  • processed lawfully, fairly and transparently

  • collected for specific, explicit and legitimate purposes

  • kept for no longer than as is necessary

  • accurate whereby companies must take reasonable steps to rectify data that is inaccurate

  • kept up to date where necessary; and kept secure.

As part of the GDPR compliance, LHCA will be ensuring that appropriate practices and protocols are in place and well known so that if there are requests for access to or transfers of personal data, that they are undertaken with the necessary consideration and having put in place appropriate protections (where necessary).