GDPR – Your data | Your Rights in a nutshell

From 25 May 2018, the European Union’s General Data Protection Regulation (GDPR) is massive news when it comes to your data privacy. It will have a big impact on how organisations interact with you.

You might have already heard about GDPR from other organisations but if not here is our quick overview.

Over the years you have been sharing your personal information with many organisations from your local doctor to online shopping sites. But it is the explosion in social media that has probably had the greatest impact on your privacy and this has prompted the European Union (EU) to take action and agree this legislation.

The GDPR is the biggest change to data privacy law in 20 years and the really good news is it puts you, the individual, in control of your data by giving you certain rights.

As you might expect, the legislation is quite complex but below we take a brief look at those rights:

The right to be informed

An organisation collecting your data must tell you what they want, why they want it and what they intend to do with it. They must tell you who they are and how you can contact them. All of this information should be in their Privacy Notice and before you part with your details make sure you are happy with the information provided in it.

The right of access

You can request to see the information an organisation holds about you and to confirm they are processing it in the way they said they would. Unless you are asking for the information on a frequent basis, they must provide it free of charge and within one month of your request.

The right to rectification

Once you have seen the information, if necessary, you can ask the organisation to rectify inaccurate personal data or to have it completed if in complete.

The right to erasure

Also known as the right to be forgotten, you can ask an organisation to delete your details from their records. This is not an absolute right and there are exceptions but it is particularly useful if you are being bugged by direct marketing companies.

The right to restrict processing

This is an alternative to the right to erasure and it too is not absolute and only applies in certain circumstances. For example you might restrict processing while an organisation is correcting inaccurate information.

The right to data portability

This allows you to reuse your own personal data across different services by easily moving it from one IT environment to another. This right is also limited to certain circumstances, for example where you have given an organisation your information to perform a contract. You might for instance want to upload your utility usage into a price comparison website.

The right to object

There are also some exceptions to this rule but the situation that will likely affect most people again relates to direct marketing. If you object to an organisation processing your personal data for direct marketing purposes they must stop immediately you tell them. There are no exemptions or grounds to refuse.

Rights in relation to automated decision making and profiling

Automated individual decision-making is a decision made by automated means without any human involvement. Any organisation relying on automated processes must give you very specific information about the processing and you have a right to challenge decisions made. An example of automated decision-making is an online decision to award a loan.

This is just a snapshot of your rights under GDPR. For an in-depth look visit the official EU GDPR portal.

TRAVEL UNI, EQUATOR LEARNING AND YOUR PERSONAL DATA

Travel Uni and all online learning sites powered by Equator Learning Ltd have always been committed to protecting your privacy and GDPR gives us the structure to further enhance our processes.

We do: use your personal data to help us enhance, modify, personalise or otherwise improve our services / communications for the benefit of you and all our users; to better understand how you interact with our courses and use our services; and to enable relationship building between you and the sponsors of the online learning programmes.

We do: give you password-protected access to your own personal dashboard where you can control your data. And we are continuing to improve this function.

We do: respect your privacy and work hard to ensure we meet strict regulatory requirements.

We do: publish Privacy Notices for each of our courses. Take a look before you sign-up and check back from time to time as there will be changes relating to GDPR.

We don’t: use automated decision making and profiling.

We don’t: sell your personal data to third parties.

By signing up to Travel Uni or an online learning course powered by Equator Learning Ltd you have free access to a whole range of courses sponsored by our third-party partners. Our aim is to empower you to do your job as productively as possible and to help you learn and earn.

 

 

 

Leave a Reply