Introducing the new data privacy laws
2018 sees one of the biggest changes to UK data privacy laws as the General Data Protection Regulation (GDPR) was introduced across Europe on 25 May.
The General Data Protection Regulation (GDPR) deals with the huge increase in customer data that is now generated from social media and online activity. Whether that’s sharing a tweet or shopping online, the new laws provide individuals with more transparency and stronger rights regarding personal data.
At Kasa Eshna we have always taken data privacy very seriously and we believe the introduction of the GDPR is really positive – giving you more control over how organisations use and manage your data.
What does this mean for you?
GDPR provides you with more transparency regarding your personal data. It strengthens your rights, giving you improved access to your data and the right to review and, in certain circumstances, edit or delete the information that organisations store about you.
Whilst that’s good news for consumers, the great news for Kasa Eshna customers is that you don’t need to do anything. We’ll keep looking after your data like we always have and if you do want to know more about the data we hold and how we use it, all you need to do is check out our privacy policy.
More information on GDPR
To find out more about GDPR, follow the links below to read the guidelines and information published by the Information Commissioner’s Office:
GDPR guide to individual rights
Frequently Asked Questions
What is the GDPR?
The General Data Protection Regulation (GDPR) is a new law that has come into force across the European Union (EU). It builds upon existing data protection laws in place in the EU, and is designed to give individuals, such as customers and employees, increased rights and transparency over their personal information by helping them understand how companies, such as the HSBC Group, use their data, for example, for lawful purposes in the provision of banking services. The law also gives individuals the ability to exercise their rights such as correcting or accessing their data.
When did the GDPR come into effect?
The GDPR came into effect on 25 May 2018 in the UK and across the EU and builds upon the existing UK Data Protection Act 1998.
Who is affected by the GDPR?
The GDPR applies to organisations located within the UK and EU which process personal data about individuals. It may also apply to organisations located outside of the EU that process the personal data of EU residents in some instances.
Why has the GDPR been introduced?
With more digital advances and fundamental changes to the ways in which data can be used and shared, the GDPR attempts to modernise the law to cope with developments in information technology. It is intended to bring about openness and transparency between individuals and the organisations that use their data, and to ensure organisations act in an accountable and compliant manner where they process individuals’ data. In the UK, Parliament is also in the process of introducing a new law (the UK Data Protection Act 2018), which will sit alongside the GDPR. You may hear people refer to this, but Kasa Eshna’s actions in the UK are intended to cover both the GDPR and the UK Data Protection Act 2018.
Why has an updated Privacy Notice been introduced?
Kasa Eshna Group has provided updated Privacy Notices to provide more specific information to individuals about how we use their data, and their rights in respect of their data. We have issued standalone Privacy Notices specifically for customers which explain how we collect their information, how we use their information and who we can share their information with. Many other organisations have similarly issued new and updated privacy notices to their customers.
How will the new Privacy Notice affect customers?
Both summarised and full versions of our new Privacy Notice are available to view now. No action is required from customers. The Privacy Notice provides customers with more information about the use of their information and their rights.
What is personal data?
Personal data is any information related to a living person (known as a data subject) that can be used directly or indirectly (when combined with other information), to identify the person. It doesn’t apply to non-living persons, for example most corporate entities, but may apply to data we process about individuals connected with that corporate.