General Data Protection Regulation 2016
On Friday, 25th May 2018, The Data Protection act 1988 will be replaced by the General Data Protection Regulation 2016. The GDPR sets out the key principles by which all personal data, i.e. data by which an individual may be identified, must be collected, processed, stored and used by an organisation such as BAThH.In particular, to comply with its legal obligations, personal data must be collected by BAThH:
• for specific, explicit and legitimate purposes;
• processed lawfully, fairly and transparently;
• limited to what is necessary for the purposes for which it is processed;
• kept accurate and up to date;
• store securely and not disclosed to any third party unlawfully;
• retained for as long as it is necessary for the reasons it was
In addition, individuals have certain rights regarding their personal data, i.e.
• to be kept informed about how their data is used;
• how to access their data and rectify incorrect information;
• how to have their data erased; restrict how their data is used;
• move their data from one organisation to another;
• to object to their data being used at all
1. Collecting personal information
BAThH is committed to respecting and protecting your privacy. When you register with BAThH as a Member Organisation or Associate Member Organisation you will be asked to provide certain personal information, for example your name, your address, both postal and email, telephone number, as set out in Membership Application Form. BAThH will store this data securely and hold it on computers or in other formats, and use it for the purposes outlined below.
2. Use of Personal Information
BAThH collects personal data for the purposes of administration and communication with Members, and for processing and validating membership subscriptions. BAThH only uses personal information within the context of the purposes outlined, and it will only keep the information as long as it is necessary to support these purposes.
3. Controlling access to personal information
BAThH will not pass on your personal information to any third party unless you give it permission to do so, or BAThH is required to do so by law. As a member of BAThH your personal information will be displayed on the BAThH website at www.BAThH.co.ukto provide basic information for potential members or clients who may wish to consult you, such information to include your name, email and telephone number. Your home address or business address will not be displayed, unless you chose to do so.
4. Storing your personal information
BAThH employs strict information security procedures to store and handle your personal information. BAThH protects your information against unauthorised access, unlawful processing and accidental loss, destruction and damage. For example, emails will only be sent to you as blind copies,so that only your email address will be visible when you receive it. Emails will also display the following statement “Please note that the information
below is being sent to you about matters relevant to The British Association of Therapeutic Hypnotherapists and NLP Practitioners of which you are a member.
Your name and email address are confidential and will not be divulged to any third party. If you do not wish to receive this information or is you wish to amend your name and email address, please notify the Secretary at the address below”
37 Prospect Road
Or email firstname.lastname@example.org
Data Protection Regulation and supervision
Under the requirements of both the Data Protection Act 1988 and the General Data Protection Regulation 2016, BAThH is registered with the Office of the Information Commissioner (Registration Number : ZA352986)