First slide image
GDPR and the National Association of Shopfitters

GDPR and the National Association of Shopfitters

01-May-2018

The EU General Data Protection Regulation (GDPR) comes into force on Friday 25 May 2018. It has taken four years to develop and is the most important change in data privacy legislation in two decades.

GDPR is an EU-wide regulation that will replace the current data protection laws in the UK. It has been designed to provide greater protection for personal data in today’s digital world.

Brexit will not affect the commencement of the GDPR. The UK Government has made it clear that GDPR will become part of UK law from Friday 25 May, as it also applies to organisations who interact with citizens of other EU countries.

The NAS, as a data processor, will comply with its GDPR obligations when they take effect and will work to ensure privacy and responsible use of data for all our stakeholders.

What is the NAS is doing

The NAS is committed to adhering to all GDPR procedures. We have clear policies and processes in place to ensure we comply, and we will exercise responsibly our duties as a data controller and data processor.

We’re updating our Privacy Policy, Cookie Policy and Data Retention policy to comply with the new regulation and these are effective from 25 May 2018. NAS staff have been and continue to be trained to follow good practice in:

Gathering information

Storing information

Complying with all reasonable requests from individuals to find out about the information we hold on them

Providing evidence for audits

The NAS is reviewing all consent forms across the organisation and amending these documents to show how and when consent should be obtained. This will ensure consent from individuals is affirmative, freely given, specific, informed and unambiguous.

The option to opt out of marketing communications will always be available and included in communications with an individual outside the NAS.

The NAS believes that privacy is a very important right for citizens and wishes to assure all the company’s members, customers and suppliers that we are working hard to ensure compliance in all areas of the business.

NAS ARE UNABLE TO GIVE ADVICE OR GUIDANCE TO MEMBERS  ON GDPR.  WE WOULD ADVISE MEMBERS TO SEEK THEIR OWN  INDEPENDENT ADVICE ON THE MATTER.