Cookies on Helen Arkell

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the Helen Arkell website. However, if you would like to, you can change your cookie settings at any time.

GDPR Compliance Statement

General Data Protection Regulation Compliance Statement

May 2018

On May 25th 2018, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organisations that offer goods and services to people in the European Union (EU), or that collect and analyse data tied to EU residents. The GDPR applies no matter where you are located.

Our Commitment

Helen Arkell Dyslexia Charity is committed to the preservation of its reputation and integrity through compliance with applicable laws, regulations and ethical standards wherever it operates. All employees are expected to adhere to these laws, regulations and ethical standards, and management is responsible for ensuring such compliance.

Helen Arkell Dyslexia Charity is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have a data protection programme in place which complies with existing law and abides by the data protection principles.

Helen Arkell Dyslexia Charity is dedicated to safeguarding personal data as both a Data Controller and Data Processor. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.

What is the Helen Arkell Dyslexia Charity doing?

Helen Arkell Dyslexia Charity as a charity has undergone an extensive project to address the GDPR principles and how it impacts our Employees, Customers and Suppliers.

Helen Arkell Dyslexia Charity has taken the following steps to further the data privacy controls already in place:

Assurance

Helen Arkell Dyslexia Charity conduct audits to identify and assess what information we process, how and where it is processed, and who has access.

Data Collection

Helen Arkell Dyslexia Charity has carried out assessments to understand, classify and validate what personal data we process, and regularly update our Data Asset Register.

Data Retention

Helen Arkell Dyslexia Charity has a Data Retention policy and reviewed procedures to ensure the ‘data minimisation’ principle is applied and personal data is kept for no longer than is necessary for the purposes for which it is being processed. 

Policies and Procedures

Helen Arkell Dyslexia Charity has reviewed all applicable policies and procedures to ensure they are aligned to GDPR. Policies and procedures are reviewed on a periodic basis.

Awareness

Helen Arkell Dyslexia Charity staff have been given access to data protection awareness training and material prior to May 25th 2018. This will ensure that all Helen Arkell Dyslexia Charity employees are aware and understand how vital it is to comply with the GDPR regulations.

Subscription to e-newsletters

Helen Arkell Dyslexia Charity’s primary public communication channel is via e-newsletters. We enable subscription to that service via our website. The subscription process allows subscribers the ability to update their options to choose to receive the e-newsletter or not. Each e-newsletter has a clear opt-in process allowing us to obtain proof of the time and date. It also allows customers and suppliers the ability to withdraw consent at any time.

Privacy Policy

Our current privacy policy is located on our website: https://www.helenarkell.org.uk/about-us/privacy-policy.php

This privacy policy has been updated to ensure it complies with the GDPR regulations.

Information Security

Cyber security is a growing concern for many organisations, and one we take very seriously at Helen Arkell Dyslexia Charity. We have strong cyber security measures in place which means that we are not only protecting ourselves but our suppliers and customers as well. We have dedicated IT Security professionals and use a managed service for our data.

Helen Arkell is proud to have gained Cyber Essentials certification and our certificate can be seen here. Cyber Essentials is a UK government scheme encouraging organisations to adopt good practice in information security. It includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet. It was developed in collaboration with industry partners, including the Information Security Forum, the Information Assurance for Small and Medium Enterprises Consortium and the British Standards Institution, and is endorsed by the UK Government. It was launched in 2014 by the Department for Business, Innovation and Skills.

GDPR Roles and Responsibilities

Helen Arkell Dyslexia Charity has appointed a Data Protection Officer – The Head of Operations.

For any additional queries about how Helen Arkell Dyslexia Charity is preparing for GDPR, please contact:

Data Protection Officer
Helen Arkell Dyslexia Centre

Arkell Lane

Frensham, Farnham, Surrey, GU10 3BL

Email: [email protected]

 

 

Website by Dewsign  |  UI Design by Sam Barclay