Praxis42

What are the 7 GDPR principles

Tom Paxman
30th March 2022

The General Data Protection Regulation (GDPR) is a privacy law designed to give individuals rights over their data. It came into force in May 2018 and introduced strict rules about how businesses access, store and use personal data, such as phone numbers and medical history. The principles of GDPR apply to everyone, including employees, customers, contractors and members of the public that you hold information about.

Although the GDPR was an EU directive, since Brexit it has been retained in UK law under the Data Protection Act 2018. This act developed the tenets outlined in the Data Protection Act 1998 and has enforced strong penalties for those who fail to abide by GDPR principles.

While the full GDPR legislation is over 300 pages long, it has two key premises. The first is that organisations must have a valid reason for collecting personal information to communicate with the individual. The second is that the organisation, be it an accounting firm or an online store, must implement security measures to protect from data breaches or misuse of personal information.

Increase manager and employee awareness with our UK GDPR and Data Protection Awareness training course, which equips employees with an increased understanding of the implications of UK GDPR and how it is applied in the context of data security.

What is covered by personal data?

Personal data describes any information relating to a specific individual which could be used to identify them. This ranges from obvious details such as names to more specialised information such as medical history. These details are sometimes referred to as identifiers. As well as private information such as bank details and home addresses, personal data also refers to identifiers such as political stance, sexual identity and biometric data such as fingerprint and iris scans. These details are sometimes referred to as sensitive personal data.

Because of the monumental increase in internet usage and cloud-storage technology, the majority of personal data now exists online, as well as in hard copies such as printouts and physical records. The GDPR protects people from having their details misused, such as personal information being sold to marketing companies.

What does the GDPR mean for my organisation?

The GDPR means your organisation is legally required to comply with the data handling rules outlined in the legislation. An example of GDPR compliance is when a website alerts users that it uses tracking cookies to identify them and by clicking ‘accept’ the user agrees to its privacy and cookie policies.

The GDPR impacts other areas, such as marketing materials. An organisation must comply with data permission (customers confirming their wish to be contacted, usually by ticking a box), data access (a customer’s right to opt out or unsubscribe from emails), and data focus (only collecting relevant data). The GDPR also specifies that customers may request access to their personal data stored by an organisation by submitting a written Subject Access Request, and request that it is deleted or amended.

Two terms essential to understanding GDPR obligations are ‘data controller’ and ‘data processor’.

The data controller decides what data is collected, for what reason and how it should be processed. The controller ensures an organisation is GDPR compliant in terms of data accuracy, confidentiality and so on. The data controller is responsible for alerting the Information Commissioner’s Office (ICO) if a data breach occurs. The data processor collects, analyses, records and documents the data as outlined by the data controller.

Failure to comply with the GDPR can carry severe penalties. In cases of serious data breaches, organisations can be fined up to 4% of turnover or £17 million, whichever is the higher of the two figures. Penalties are determined by the Information Commissioner’s Office, which fined British Airways £20 million in 2020 over a data breach.

What are the seven key principles of the Data Protection Act?

  • Lawfulness, fairness and transparency – The first principle is the foundation for the GDPR. It states that whenever an organisation collects data it must clearly communicate why it is being collected and how it will be used. This principle also specifies that if a customer has further enquiries about the processing of their data, it must be answered in a timely fashion. Finally, the collection, processing and disclosure of data must all be carried out in line with the regulations.
  • Purpose limitation – Any data must be collected for a legitimate reason. The collected data can only be used for the specified purpose and nothing else unless the customer has given their explicit consent for this.
  • Data minimisation – The GDPR legislation states that data must be “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.” Therefore organisations must store only the minimum quantity of data needed for their purpose.
  • Accuracy – Any data collected must be accurate, fit for purpose and recent. Organisations should regularly review stored data and delete or amend inaccurate information to comply with this principle. Individuals have the right to request that inaccurate or incomplete data be erased or rectified within 30 days.
  • Storage limitation – Data that is no longer required for its designated purpose must be destroyed unless there are other grounds for retaining it. The GDPR does not specify how long data should be stored; this is decided by the data controller. Organisations should have a review process in place to deal with the cleansing of databases.
  • Integrity and confidentiality – Organisations must ensure that all necessary security measures pertaining to data security are in place. This refers to protection from internal threats such as loss, damage or unauthorised use. This principle also refers to external threats such as theft or malware.
  • Accountability – Finally, an organisation must take full responsibility for any data it holds and also demonstrate compliance with all seven principles. This could be achieved through actions such as GDPR training for all employees or appointing a data protection officer.

Does the GDPR still apply now after Brexit?

Since Britain’s departure from the EU on January 1, 2021, the GDPR has been retained under UK law as the Data Protection Act 2018. Following an additional statutory instrument named ‘The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019’, the DPA has been amended and merged with the requirements of GDPR. The same seven principles apply, as do the same obligations and penalties for failure to comply.

The main difference to GDPR post-Brexit is that now the UK is “a third country” so data flow between the UK and the EU faces greater restrictions. The EU has adopted an adequacy decision for the UK until 2025. For UK organisations processing personal data from individuals inside the EU, this UK adequacy decision allows unrestricted data sharing until 2025.

In September 2021, the Department for Digital, Culture, Media & Sport launched a consultation titled Data: A New Direction as part of the UK’s National Data Strategy. The outcomes of this consultation are yet to be announced, but the main proposals include placing tougher penalties on nuisance calls and text messages and reworking rules in relation to cookies and direct marketing.

Ensure your organisation complies with UK GDPR and data protection regulations with our UK GDPR and Data Protection Awareness training course, which helps your organisation stay compliant and avoid the risk of costly fines.
