top of page

Data Protection & GDPR Policy

UKLSI recognises the need to comply with the various laws regulating the processing of personal data. It is our desire that members recognise the risks involved when dealing with such information and fully understand the steps that must be taken in order to minimise such risks. It is UKLSI’s policy to educate and inform members about the dangers of inappropriate and illegal use of the personal data they may have access to.

 

Whenever you are involved in processing any personal data, you must ensure that all associated procedures have been sanctioned by the chair and Trustees. You must only operate within sanctioned procedures: -

 

  • If for any reason registration of the information is withdrawn, you must stop using the particular data immediately.

  • You must ensure that your appropriate records are maintained and safe and are only used to perform your particular job

  • You must ensure that all personal data is used, held and disclosed only for the registered purpose: you should not use any of the systems outside of this criteria

  • Information must be collected and processed in a prudent and lawful manner and should be kept up to date and accurate at all times

  • The information should only be retained for the period necessary, and for the purpose for which it is held

 

If you have any concerns or questions regarding the processing or use of personal data you should contact the chairperson as soon as possible. If in any doubt you should cease to process the information.

 

If you are required to use electronic equipment such as a computer or data-holding device, it is your responsibility to ensure that reasonable measures are taken to ensure the security of information contained within them. Such measures include keeping equipment in a lockable location when not in use and/or using password protection for files containing information covered by data protection legislation.

 

A breach of the data protection regulations or failure to adhere to UKLSI’s policies could have serious repercussions for UKLSI and for yourself, if you are found responsible.

 

If you are aware of any breech of Data Protection you must bring it to the attention of the chairperson immediately.

 

If you have access to or are responsible for collecting personal information that relates to any of UKLSI’s candidates, the above guidelines should be strictly adhered to.

 

As a member, you need to be aware that UKLSI personal details pertinent to your membership on file as part of its personnel records. This may include sensitive information. This information may be processed for administrative or legal purposes. This may include passing certain membership related data to third parties such as government authorities, Your data may also be used in emergency situations, to protect the legal interests and other rights of , UKLSI or in other situations where you have consented to the disclosure of such information.

 

The following are examples of information which may be retained by UKLSI as part of its personnel records. The list is not exclusive or exhaustive: -

 

  • References obtained during recruitment

  • Training records

  • Contact names and addresses

 

It should also be noted that UKLSI might hold the following information about you, for which disclosure will be made only when strictly necessary for the purposes set out below: -

 

  • Your health, for the purposes of compliance with our health and safety and our occupational health obligations

  • In connection with unspent convictions to enable us to assess your suitability for relevant roles.

 

UKLSI will endeavour to update personnel files on a regular basis. It is your responsibility to ensure that any changes in personal details are communicated in writing to

UKLSI immediately, or as soon after the change as is practicable; and to inform your next of kin (or whoever you give as an emergency contact) that their details may be held on a personnel file.

 

Any data provided to UKLSI will be protected in accordance with Data Protection Act: DPA 2018. UKLSI will protect the personal data provided and ensure that it is not passed to anyone who is not authorised to see it. The information provided will be processed in accordance with the regulations contained within the Act. The information provided will be retained by UKLSI for a period of 5 years after your course, in accordance with the regulations contained within the Act.

 

UKLSI will protect data in conjunction with the seven key principles of GDPR.

​

  • Lawfulness, fairness and transparency

  • Purpose limitation

  • Data minimisation

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality (security)

  • Accountability

bottom of page