We have completed our GDPR work, and both DataSpace Live and Submitaplan are now GDPR compliant.
We are getting Applicants and Agents to confirm (and recording) their acceptance while registering and also before making their first Submission after the changes.
We are confirming to them what we will be doing with their data and who we will be passing it to, and for what reason. We will also be providing links to your own authorities data protection policy in the same way we link to your fees page, so they can view them before submission if required, and your authority can manage that information.
We outline how to review what data we hold on them, and details of how to request the “right to be forgotten”, although we have pointed out the requirement to keep full details of the application details for 15 years. Any requests we have to be forgotten, will be forwarded to your authority also via your notification address. If this service becomes more requested than expected then some form of automation will be developed.
It would be helpful if we could have a link to your policy to link to, as we have used your authorities default one otherwise, please email it to firstname.lastname@example.org .
01242 260505 / email@example.com