GDPR

Shoe Aid works to meet the requirements of the ICO (Information Commissioner's Office) in order to comply with the GDPR, and we will follow the ICO's Guide to Data Protection. The guide is for DPOs (Data Protection Officers) and others who have day-to-day responsibility for data protection.

It explains the general data protection regime that applies to most UK businesses and organisations. It covers the General Data Protection Regulation (GDPR) as it applies in the UK, tailored by the Data Protection Act 2018.

It explains each of the data protection principles, rights and obligations. (See below)

 

Principles

  • Lawfulness, Fairness and Transparency
  • Purpose Limitation
  • Data Minimisation
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality (Security)
  • Accountability Principle

Lawful Basis for Processing

  • Consent
  • Contract
  • Legal Obligation
  • Vital Interests
  • Public Tasks
  • Legitimate Interests
  • Special Category Data
  • Criminal Offence Data

Individual Rights

  • Right to be Informed
  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object
  • Rights Related to Automated Decision Making Including Profiling

Accountability and Governance

  • Contracts
  • Documentation
  • Data Protection by Design and Default
  • Data Protection Impact Assessments
  • Data Protection Officers
  • Codes of Conduct
  • Certification
  • Data Protection Fee

Security

  • Encryption
  • Passwords in Online Services

Personal Data Breaches

International Transfers

Exemptions