This article looks to highlight the core principles of GDPR. There is a lot of scare mongering out there, we are looking to give you the facts and help you understand exactly what you need to know and how to set both you and your business up for success.

The GDPR provides 8 rights for individuals:

The right to be informed – organisations are obliged to provide “fair processing information”, typically though a privacy notice and to be transparent over how they use personal data

The right of access – organisations are obliged to provide individuals with confirmation that their data is being process, access to the data held about them and any other supplementary information

The right to rectification – organisations are obliged to rectify any inaccurate or incomplete personal data, and where appropriate inform any third parties to whom the data has been disclosed

The right to erasure -organisations are obliged to provide individuals with “the right to be forgotten” such that all personal data is either deleted or removed

The right to restrict– organisations are obliged to provide individuals the ability to “block” or suppress processing of personal data held in certain circumstances

The right to portability – organisations are obliged to allow individuals to obtain and reuse their personal data for their own purposes;

The right to object – organisations are obliged to inform individuals of this right and provide the ability to object to the processing of their data on ground relation to their particular situation

The right not to be subject to automated decision-making – organisation are obliged to provide safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention.

For more information on GDPR, visit our GDPR Hub for more information.