Description
This is an internal policy to be used by a business setting out the principles and legal conditions that organisations must satisfy when ‘processing’ personal data in the course of their operations and activities, including customer, supplier and employee data. It is tailored to comply with the GDPR.
Under Article 4(2) ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Read our GDPR blog post to learn more and download our FREE GDPR Awareness Q&A Fact Sheet.