Preparing for GDPR
The GDPR law will come into effect on 25th May 2018, it requires all businesses to take action. Even if you are already registered with ICO you will need to take action YOU CANNOT IGNORE IT!
This forum will help you think about what measures you need to think about in advance and will help you ask yourself the right questions so that you can make changes to your practice to help you become compliant ready for May 25th. We have written some pieces to guide you through the process and we are providing this dedicated forum to enable you to talk about the decisions you are making and the policies and procedures you are changing in preparation. As with all forum areas you can ask questions and share your ideas and best practice!
51 topics in this forum
-
Dear all As you know we have been using this document as the basis of this piece: Preparing for the General Data Protection Regulation (GDPR). 12 steps to take now [ ICO. V.20 201700525] The original posts have got mingled in with other conversations in this forum area so for ease in case you wanted to refer to something quickly here is the list with links to the posts: (#1 of 12) - Awareness (#2 of 12) - Information you hold (#3 of 12) - Communicating privacy information (#4 of 12) - Individuals’ rights (#5 of 12) - Subject access requests (#6 of 12) - Lawful basis for processing personal data (#7 of 12) - Consent (#8 of 12) - Children (#9 of 12) - Data br…
Last reply by SueFinanceManager, -
- 25 replies
- 3.9k views
I am using the FSF's fabulous GDPR excel stored data sheet and this has thrown up the question as to why we collect the child's address. They say they don't know why the addresses are collected as it's not a statutory requirement. So, can anybody let me know why we do it. We obviously collect the parent's address (which technically should be the same for the child) to enable letters, invoices etc to be posted out to them but why do we have space on all the registration forms for the child's address?
Last reply by FSFRebecca, -
- 8 replies
- 2.4k views
HI, Firstly, thank you for all your hard work Rebecca and team, this forum has been invaluable. Secondly, does anybody have any idea about where to start with data sharing agreements?! What do I send to companies, is an email enough?
Last reply by AnonyMouse_82826, -
- 13 replies
- 2k views
Hello All, Firstly, Thank you so much to Rebecca and Lauren for all the work you have put in to make this crazy GDPR process easier for us clueless committee members. I have been trying to follow all the posts as much as I can, but I have a few queries, which may have been already asked and answered and i have missed. Our Pre-School is a Tiny pack-away setting, only 5 members on our committee of which 2 of them are the staff members! The other 3 family members are the Chairman, Treasurer and secretary! So any of the work needed to run the committee/financial side is done at our own homes away from Pre-School. At our recent committee meeting when discussing …
Last reply by FSFRebecca, -
- 3 replies
- 2.4k views
FurtureLearn have a free online course being advertised which might be helpful. You may feel that you know what you are doing but your committee / senior leaders / trustees are not so 'clued up'! Who is the course for? The course is specifically developed for professionals working for companies, public authorities and bodies, students, and anyone who wishes to know more about data protection and the GDPR, especially those handling personal data. You can find out more about it and book from here
Last reply by AnonyMouse_41798, -
- 11 replies
- 1.4k views
Has anyone changed there visitors book? where did you get yours from?. Ours currently is one from nursery resources
Last reply by AnonyMouse_54841, -
- 3 replies
- 1.1k views
Is there somewhere on the Forum I can find all the GDPR info in one place? Thanks in advance.
Last reply by FSFRebecca, -
- 1 follower
- 1 reply
- 679 views
Is there parental permission letter purely for Tapestry use? Apologies if this has been covered before
Last reply by Lauren, -
- 2 replies
- 790 views
We have been presented with a GDPR managed services proposal by our website host and wondered if this was necessary and what other settings have in place. It suggests the need for a SSL certificate and cookies control. Any help or suggestions greatly received
Last reply by Tim, -
- 1 follower
- 2 replies
- 901 views
Hi, Just having a last minute double check (and brain melt down!). Obviously we have all received a LOT of e-mails over the past couple of weeks asking us to positively opt in to continue to receive e-mails from them. When it comes to e-mailing parents we are only sending invoices and newsletters NOT marketing or generic e-mails. Do we still need their permission to contact them or is the fact that when we ask for their e-mail addresses we state that the reason for this is to send invoices to enough? Because by providing their e-mail address they are technically opting in? Any thoughts would be great as I am just contemplating whether it is totally necessary t…
Last reply by Lauren,