Policies

This section is where you can find our policy documents. 

Privacy/Data Protection Policy

New General Data Protection Regulation (GDPR)

 Your personal data is important to us here at BACA. On 25 May 2018, the General Data Protection Regulation (GDPR) will be coming into force across the EU. The new regulation gives individuals more control over their personal data.  All data processing by BACA is done under the principles of the current Data Protection Act (DPA) and the incoming GDPR. 

GDPR Principles

 The principles of data protection under the GDPR are similar to those under the Data Protection Act (DPA), but include some extra detail. In summary, these are that personal data shall be:

  • processed in a lawful, fair and transparent manner
  • collected for specified, explicit and legitimate purposes, and that there will be no further processing that is incompatible with those purposes (there are some exceptions to this for processing for research, statistical or archiving purposes)
  • adequate, relevant and limited to what is necessary
  • accurate and kept up to date
  • kept in a form allowing identification of data subjects for no longer than is necessary (there are some exceptions to this for processing for research, statistical or archiving purposes)
  • processed in a secure manner

Also see the ICO’s webpage on GDPR data protection principles  

Our Privacy/Data Protection Policy

Please keep an eye out for email communications from BACA about GDPR as these emails are important and will require action. Thank you. Our policy can be viewed/downloaded below.