The General Data Protection Regulation (GDPR) is a new EU law that will come into effect on 25 May 2018, to replace the current Data Protection Act. It’s the biggest overhaul of data protection legislation for over 25 years and it will introduce new requirements for how organisations process personal data. It means that we have to revalidate our permission from members to hold and use personal data, and also to communicate with them. We are now starting a campaign to address this law. All members who have given us an email address have been contacted, and those who rely on snail mail will be covered by NABO News distributed in May 18.

We need all members to take action to accept the new requirements by logging in to the web site and amend their profile, or writing to us confirming acceptance.

The main changes are:

1. We have to get separate and specific agreement to the Privacy Policy and the Terms and Conditions from the members. We cannot assume just because members pay that they agree.
2. We have to record the date and way we get that agreement, either on the web site or by correspondence.
3. We have to provide the means to delete personal data. Members can do this themselves on line or can request the membership team to do so.

To cover the regulation, we have updated the Privacy Policy and this was approved by Council in April. You can read it here. We have not changed the Terms and Conditions and you can read them here.