Data Protection Policy
13. Notification
13. Notification
13.1 We recognise that whilst there is no obligation for us to make an annual notification to the UK Information Commissioner's Office (ICO) under the GDPR, we will consult with the ICO where necessary when we are carrying out “high risk” processing.
13.1 We recognise that whilst there is no obligation for us to make an annual notification to the UK Information Commissioner's Office (ICO) under the GDPR, we will consult with the ICO where necessary when we are carrying out “high risk” processing.
13.2 We will report breaches (other than those which are unlikely to be a risk to individuals) to the ICO where necessary, within 72 hours. We will also notify affected individuals where the breach is likely to result in a high risk to the rights and freedoms of these individuals.
13.2 We will report breaches (other than those which are unlikely to be a risk to individuals) to the ICO where necessary, within 72 hours. We will also notify affected individuals where the breach is likely to result in a high risk to the rights and freedoms of these individuals.
Click on the links below for other sections of the IAP Data Protection Policy:
Click on the links below for other sections of the IAP Data Protection Policy:
3. Definitions of data protection terms
5. Processing data fairly and lawfully
6. Processing data for the original purpose
7. Personal data should be adequate and accurate
8. Not retaining data longer than necessary
9. Rights of individuals under the GDPR
11. Transferring Data Outside the EEA