Interloch Transport GDPR: Statement of Compliance
The General Data Protection Regulation is a European-wide law that replaces the Data Protection Act 1998 in the UK. It places greater obligations on how organisations handle personal data. It came into effect on 25 May 2018. The Data Controller in this respect is Interloch Transport and this is a general statement of our compliance to date.
We view GDPR as a constant programme of works that will require continuous monitoring, management and improvement.
Our GDPR actions to date:
We are reviewing our policies on a regular basis
We view GDPR as a constant programme of works that will require continuous monitoring, management and improvement.
Our GDPR actions to date:
- We have conducted a Data Impact Assessment and created a Data Inventory
- We have completed an LIA (Legitimate Interests Assessment)
- We have created a Data Protection Policy
- We have created a Staff Privacy Notice document
- We have created a General Privacy Notice document
- Privacy notices have been sent to all staff
- Our General Privacy notice has been published on our website
- Our Statement of Compliance has been published on our website
- A GDPR statement has been written into our membership forms
- We have purchased a commercial grade shredder
We are reviewing our policies on a regular basis