This document is from our Archive and no action should be taken in reliance on it without specific legal advice.
In the same way that you enjoy individual rights and the right to have your personal data safeguarded, you also have a responsibility under GDPR to respect and protect the personal data of colleagues, customers and others. This short film explains the dos and don'ts.
For more information see GDPR and Data Protection.
Mishcon de Reya
GDPR - What are your obligations?
Legal Director, Mishcon de Reya
I am Nina O’Sullivan, Legal Director at Mishcon de Reya.
GDPR, what are your obligations? In the same way that you enjoy individual rights and the right to have your personal data safeguarded, you also have a responsibility under GDPR to respect and protect the personal data of colleagues, customers and others. Your organisation will have measures in place to keep personal data secure and it’s essential that you adhere to them and report any breaches that you become aware of.
A few dos and don’ts: read and comply with the company’s policies and procedures; in particular, familiarise yourself with policies on data retention (how long should personal data be kept for?) and what you are expected to do when a Subject Access Request comes into your inbox. Only use personal data for the intended purpose. Keep passwords secure and only use secure connections or encryption. Always double-check email addresses. Keep documents or equipment secure at all times, including when out of the office. Familiarise yourself with procedures on data breach and report any suspected breach. Be a privacy champion: always have at the back of your mind how you would want your own personal data to be dealt with.
GDPR may seem disruptive but it could strengthen customer relationships. How will you embrace the opportunities?
Mishcon de Reya
It’s business. But it’s personal.