The General Data Protection Regulation (GDPR) is one of the biggest changes to UK data privacy law and comes into effect on Friday 25 May 2018.
To comply with the GDPR, we are required to inform Environmental Bodies (EBs) and other stakeholders of the lawful basis under which we process personal data and to inform you of why processing your personal data is necessary.
As the appointed regulator of a statutory scheme, we are required to collect certain limited personal data in order to carry out our regulatory functions. We therefore collect and process your data under the GDPR lawful basis of:
GDPR Article 6 (1.e) Public task: the processing is necessary for us to perform a task in the public interest or for our official function, and the task or function has a clear basis in law.
- When and why ENTRUST collect personal data;
- What personal data we collect;
- How we use individual's personal data;
- How we store personal data;
- The conditions under which we may share an individual's personal data; and
- When we may destroy an individual's personal data.
Additionally the policy also explains an individual's data rights and protections under the GDPR.
ENTRUST is registered as a data controller with the Information Commissioner's Office (ICO) under registration number Z8361674. Our registered Data Protection Officer is Jess O'Brien, Communications Manager. Any enquiry about how we process employee or recruitment data, or any questions regarding this policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to:
The Data Protection Officer
60 Holly Walk
Alternatively you can call our Helpline on 01926 488 300.