Data Protection & the General Data Protection Regulations (GDPR)

What is the GDPR?

GDPR is a new set of regulations that replace the existing Data Protection Act. The regulations come into force on the 25 May 2018 and they place a greater responsibility on all organisations, including Clydebank Housing Association, to ensure your personal data is secure, accurate and up-to date.

Access

Everyone will now have much greater access to the personal data that an organisation holds on them and will legally be allowed to view the data by making a Subject Access Request.   Incorrect or incomplete data can also be rectified upon request. There is also a right to demand that your data is deleted if it's no longer necessary to the purpose for which it was collected. This is known as the "right to be forgotten".

Processing

Organisations must ensure they provide a lawful basis for processing all types of personal data that they have not sought specific consent to use.  The GDPR requires that controllers and processors must be transparent about how they collect data, what they do with it, and how they process it, and must be clear in explaining these things to you.

Clydebank Housing Association provides a Fair Processing Notice outlining the following details of how we manage the data we collect:

  • What information we collect
  • Why we collect it
  • Who we share it with and why
  • How we store it

You can find all of our Fair Processing Notices in the table below.

Security

GDPR will enforce stricter rules upon organisations to ensure that they are taking all reasonable measures to guard against data theft, loss, or other breach.  And if there is a breach of your data we must let you, and the Information Commissioner's Office know at the earliest opportunity.

Further Information

You can visit the Information Commissioners Office (ICO) website for further information at https://ico.org.uk/for-the-public/