The General Data Protection Regulation (GDPR) took effect across the EU on the 25th of May, 2018. Future Care Capital complies with all applicable data privacy laws and is fully committed to protecting the personal data of its beneficiaries, employees and website users, including individuals submitting views on the crowdsourcing platform.
To meet the new privacy standards set by GDPR, Future Care Capital has sought the advice of professionals to help in the implementation of the required processes and protocols. Future Care Capital’s enhanced GDPR processes include:
- Evaluating how all data is collected, used, stored and accessed;
- reviewing internal policies regularly and updating them as needed, the charity’s data protection, retention and website policy have been updated to include GDPR requirements;
- a Data Controller has been appointed to determine the reason, purpose, terms and process by which personal data is captured and processed within the charity;
- encouraging a culture of privacy protection through regular training;
- access controls for accessing certain types of data have been implemented;
- personal data encrypting, anonymising or permanently deleting user data;
- ensuring Future Care Capital always obtains data subject consent;
- processing subject access requests; and
- processing right to erasure requests.
Future Care Capital is committed to protecting personal data and also to ensuring an individual’s rights to privacy are protected.
Individuals have certain rights, which include:
- The right to obtain access to their personal data (what personal data Future Care Capital holds on an individual);
- the right to have personal data rectified if it is inaccurate or incomplete;
- the right to request the deletion or removal of personal data where Future Care Capital are not otherwise entitled to retain and process such data and there is no compelling reason for its continued processing;
- an individual has the right to restrict or suppress the processing of their personal data, in certain circumstances. Further information is available upon request;
- the right to withdraw consent at any time, where relevant; and
- the right to lodge a complaint with a supervisory authority (the Information Commissioner’s Office).
To exercise any of these rights, please contact Future Care Capital’s Data Controller ([email protected]) for details of how an application may be made.