General Data Protection Regulations Policy
This policy sets out the College’s rules for compliance with the General Data Protection Regulation (GDPR) and specifies the legal conditions that must be satisfied in relation to the obtaining, handling, processing, transportation and storage of Personal Data.
The personal data may relate to present and past individuals.
This policy does not form part of the formal contract of employment, but it is a condition of employment that employees and contractors will abide by the rules and policies made by the College. Any failures to follow the policy can therefore result in disciplinary proceedings.
Any member of staff, who considers that the policy has not been followed in respect of Personal Data about themselves or another individual, should raise the matter with their line manager or Data Protection Officer of the College initially. If the matter is not resolved it should be raised as a formal grievance.
The requirement to comply with these regulations applies equally to activities performed both on and off college premises.