If you have disclosed the personal data in question to third parties, you must also inform them about the erasure of the personal data. The controller is also responsible for making sure that outside contractors comply. IG training available via the Learning and Development Programme. This means the policy will have a wider application within your organisation than simply as a method of demonstrating your compliance with data protection laws like GDPR.

Name, address, photo, email address, bank details, posts on social networking websites, medical information, or IP addresses are all valid. Digital data that is retained for longer than six years will be named as part of a digital continuity statement. These cookies will have identified and management policy itself provide clients. Should any adverse impact on equality be subsequently detected or highlighted by staff and other users of the policy then this will be analysed and remedial action taken as appropriate. We have specific obligations relating to personal data as set out in the GDPR.
Asia Pacific and around the globe. Do you need to keep the information from a legal perspective, a business perspective, a historical viewpoint and so forth?

Trust staff will be madeaware of their responsibilities for recordmanagement and recordkeeping through generic and specific training programmes and guidance. Companies can, however, share information about you with affiliates when the information is based solely on your transactions with that company, including whether you pay your bills on time and the type of accounts you have with the company. KARE will get the permission of that individual or in the case of a child their representative.