Data Protection/GDPR policy document

  1. We contacted the ICO for verbal guidance and advice
  2. We have registered with the ICO
  3. We have gone through the ICO checklist and complied with all the requirements
  4. We have briefed our staff on the policy and procedures
  5. Our members’ personal data paperwork is kept in a locked filing cabinet
  6. Access to our members’ personal data online is via login and password. We have checked that the data processor compiles with data protection regulations.
  7. Copies of the members’ privacy notice are available on the front desk
  8. All company computers are password-protected and have anti-virus software
  9. We have contacted our membership to verify continued permission to contact them by email for marketing or other purposes of communication with them.
  10. All employees have been given a copy of the employee privacy notice.