General Data Protection Regulation (GDPR)

May 25th 2018 is the deadline day for companies to be compliant with the General Data Protection Regulation 2018. For Positive Steps this means we have had to review our systems and build on some of our existing data protection measures and systems. A key part of the regulations requires us to let people know if we are holding data on them, and we have done this by adding a new privacy statement to our website. You can access it by scrolling down to the bottom of any page, and clicking on the link. This statement tells service users what data we hold, our legal basis for holding it, what we use it for, how long we keep it for, and when we will delete it. It also covers our commitment to keeping data safe, and gives details on how service users can make a subject access request.