Introduction: This is the staff data protection training policy for Pealsonia Limited. The General Data Protection Regulation (GDPR) is based around six principles of handling of personal data. Data privacy and security are a key part of the principles. As a business we want to ensure that all our employees are aware of the importance of the rules around data protection.
Scope: To that end all employees that handle personal information of individuals must have a basic understanding of the GDPR and other relevant data protection laws. Staff with duties such as computer and internet security, marketing and database management may need specialist training to make them aware of particular data protection requirements in their work area.
Training topics: Training will include but is not limited topics such as:
- Identifying the different categories of data;
- An understanding of the 6 principles of GDPR;
- An understanding of the lawful bases for processing data under GDRP;
- An awareness of the 8 rights that individuals have;
- Knowing who to contact in relation to data protection queries in your business;
- How to identify and process a Subject Access Request;
- How to identify a data breach for notification purposes and how and when to report this;
- The internal policies and procedures that the business has to comply with the GDPR.
Responsibility: In our business Hilary Neots has responsibility for the training and development needs of staff. Hilary Neots is also responsible to keep a record of staff training.
Hilary Neots
Managing Director
Policy review: September 3rd, 2021
Email: hilary@pealsonia.com