Data Protection Quick Guide
Do's & Don’ts Guidance

Do:

Don’t:

Tell people how you are going to use their personal data

Use personal data in ways that people would not expect

Collect all the information that you need for the relevant purpose

Collect excessive data or data that you think you might need “just in case”

Keep data up-to-date and update records as soon as you are notified of a change

Sign up a new supplier who will process personal data on behalf of Knepp Castle Estates without first checking that they have adequate measures in place to protect personal data and ensuring that a contract is in place which contains the mandatory GDPR clauses

Check carefully when inputting information to ensure that it is accurate

Send any personal data outside the European Economic Area without ensuring that an appropriate mechanism is in place to protect the data

Delete or securely destroy personal data when it is no longer needed

Put confidential information (including all personal data) in waste paper bins

Keep a clear desk and lock hard copies of data away securely when you are not using it

Leave personal data lying around or take it out of the office unless absolutely necessary

Use a strong password and always lock your screen when away from your desk

Tell anyone your password

Follow all guidance that is provided on information security matters

Send anybody marketing communications without their consent

Check the identity of people who make requests to access their data

Disclose personal data to any third parties unless you are sure that you are authorised to do so

Notify the Compliance Manager immediately if you become aware of a data breach

Send personal data by email without password protecting it

Inform the Compliance Manager promptly if you receive a request from an individual seeking to exercise their data protection rights

Forget that people can ask to see their personal data at any time, so you must ensure that everything you write down is professional and fair