The new rules take effect from the 25th May 2018 and will also be supported by the United Kingdom Data Protection Act, which will ensure these new protections continue post-Brexit.
What are the key changes?
Transparency and Fairness
The new rules will require companies to be more open and honest about how customers’ personal data is stored and used. We are working to make sure we can be more clear about what information we have about our customers, why it’s needed and what we do with it.
Stronger Rights for Individuals
The right of all customers to data privacy will be strengthened. Customers can ask to see their information – for free – have inaccurate data corrected, or request to have it withdrawn completely. Under the new rules, we will be required to respond to requests within one month.
Companies will have to make sure they have tough measures to ensure customer data is looked after responsibly. Some of the ways we plan to do this are by keeping a record of how we handle everyone’s information, conducting Data Impact Assessments, making sure that contract agreements with third parties are in place, and appointing a Data Protection Officer to oversee everything.
We will put in place tough information security practices that will help us identify any suspicious incidents that could compromise customers’ information and, where necessary, we will take action and notify the Information Commissioner’s Office.
How does Guinness use your information?
We take your privacy very seriously so we want to make sure you understand your privacy rights. See more information on how Guinness uses your information.
Do you have any questions?
If you still have questions about how Guinness is preparing for GDPR contact:
If you have any concerns about how we handle your personal data contact:
Information Management Governance and Risk Team
1 Stable Street