Scottish Council for Voluntary Organisations
Join our community
About Support & learning Services Funding Jobs & employability Policy & research

Data protection & GDPR

We want to help charities and voluntary organisations understand more about data protection and the EU General Data Protection Regulation (GDPR) which came into force in the UK on 25 May 2018.

Our Datawareness initiative brings together useful information and resources, as well as providing access to training and events, to help demystify data protection.

SCVO member organisations with an income of less than £500,000 can also access up to two hours of free legal advice which could be used to review your organisation’s data protection policies and procedures.

We’ve also launched a new series of ‘Introduction to data protection and GDPR’ training courses open to all voluntary sector organisations, with a discount available for all SCVO members.

About data protection

If you hold and process information about your clients, employees or suppliers, you are legally obliged to protect that information. Under the Data Protection Act you must:

  • Only collect information that you need for a specific purpose
  • Keep it secure
  • Ensure it is relevant and up to date
  • Only hold as much as you need, and only for as long as you need it
  • Allow the subject of the information to see it on request

If you handle personal information you may need to register with the Information Commissioner’s Office (ICO) as a data controller. Notification is a statutory requirement and every organisation that processes personal information must notify the ICO unless they are exempt. Failure to notify is a criminal offence.

The ICO has an online Data Protection Self-Assessment Toolkit which provides a ‘health check’ of where organisations are currently in relation to the specific areas covered in the toolkit: records management, security and the handling of subject access requests.

About GDPR

The ICO has produced lots of resources about GDPR for organisations which includes tools to assess your lawful basis for processing personal information and resources for reporting a data breach.

Organisations can also sign up to the E-newsletter | ICO to stay up to date with new guidance as and when it is released.

ICO GDPR clips

Watch David Freeland from the ICO talk about GDPR in the clip below – you can find more clips from his team on our YouTube channel.

Resources

Page last modified on 27th January 2020

Was this page helpful?

Find information on…

Setting up an organisation

Funding for my project

Training courses & events

Jobs in the sector

Related posts

Tracey Bird
Good governance is now vital to ensure resilience and recovery
4th August 2020
Siobhan Mercer
Cyber Security – a how to guide
27th May 2020
Siobhan Mercer
How to protect yourself from misinformation, fake news and scams
25th May 2020
Beth Mukushi
Not more content. Smarter content.
20th May 2020

Latest posts  See more

Tracey Bird
How to build strong board relationships – and how mediation can help if it goes wrong
27th January 2021
Alison Stone
Why do trustees need to bother about cyber security?
6th January 2021
Thea Kellock
Governance Matters: even in a global pandemic
2nd November 2020
Beth Mukushi
Coronavirus restrictions: understanding the 5 tier system
28th October 2020