General Data Protection Regulations and your rights as an employee

The introduction of the General Data Protection Regulations (GDPR) has meant that organisations are having to change the way that they process data, largely due to the fact that individuals have new rights. You have the right to:

• the rectification of data that is inaccurate, misstated, or incomplete, remains unchanged;

• be informed how personal data will be used;

• access your own personal data;

• demand transparency over the use of personal data and you should be informed of the employer’s procedures and uses before providing personal data;

• request and reuse personal data from an employer.

• be forgotten. This requires data processors, including employers, to remove personal data from their systems;

• withdraw consent to a processor (this includes an employer) obtaining personal data.

The following are also important:

The employer (and line managers) must deal with data appropriately, transparently and sensitively.

Data must be dealt with on a confidential basis. For example, information should not be shared about protected characteristics, such as a disability or pregnancy.

Information (data) about you as a member of staff must not be shared with others or left lying around.