General Data Protection Regulation (GDPR) – Firrhill Parent Council, PTA and Working Groups
What is GDPR?
Most people will be familiar with GDPR by now – it is a regulation raised by the European Parliament which adds to the UK’s data protection laws, and gives people more rights over their own information (or data). GDPR came into force on 25 May 2018.
How will this affect the Firrhill Parent Council?
All organisations need to follow the rules of GDPR no matter how big or small, including Parent Councils, PTAs and other parent groups. As an organisation that collects and uses some personal data, we must be clear about how and why we record the personal data. We must also keep it secure, to make sure people have given us permission to hold their data, and to make corrections if the person asks us.
What have the Firrhill Parent Council, PTA & Working Groups done to meet GDPR?
We have set up and agreed a formal Data Protection Policy in place. This is available here.
We have briefed all members of our groups to make them aware of their responsibilities and asked that they check that they only hold data where it is needed. All members have been asked to make sure that if they do hold data, such as contact details, that is held securely.
What are our ‘working rules’ for dealing with personal data?
- If we don’t use or need personal data, don’t collect it.
- Only those who need personal data should have access to it
- Delete personal data when it is no longer needed.
- Remember to get permission.
- Make sure people now how, why, and for how long we will hold data, where it is needed.