General Data Protection Regulation

The General Data Protection Regulation, known commonly as GDPR, came into effect as of 25th May 2018. The aim of this legislation is to protect all EU citizens from privacy and data breaches within an increasingly data-driven world. Read the article to find out more and how it affects Neighbourhood Watch in Scotland.

The General Data Protection Regulation, known commonly as GDPR, came into effect as of 25th May 2018. The aim of this legislation is to protect all EU citizens from privacy and data breaches within an increasingly data-driven world. Our present day world of online services and social networking is vastly different from the time when the original Data Protection Directive was introduced in 1995, hence the need for the regulations and guidance to be updated.

The main changes that GDPR brings are:

  • Increased scope (it affects all organisations operating within the EU irrespective of where they are based)
  • Increased penalties for data breaches and non-compliance
  • Strengthening of consent – i.e. providing clear and unambiguous terms & conditions when you are considering allowing access to your personal data and ease of withdrawal of your consent when you no longer want to subscribe
  • Easier access to your data that it held by others

Against this background Neighbourhood Watch Scotland (NWS) have been liaising with VISAV Ltd, the developers and operators of Neighbourhood ALERT, regarding the impact of GDPR on your use of the system.

The Neighbourhood ALERT system acts as both our registration database and a local community messaging service, and currently holds over 17500 personal records.

As the primary Data Controller VISAV Ltd has been working with the Information Commissioners Office to ensure that the Neighbourhood ALERT platform and associated products are fully compliant. Neighbourhood Watch Scotland are regarded as joint Data Controllers in respect of the Scottish aspect of the system.

To ensure compliance under GDPR VISAV Ltd and Neighbourhood Watch Scotland are going to change how people register for the Neighbourhood Watch Network and to receive Neighbourhood ALERTs.

Existing users were notified through the ALERT system that GDPR was coming into force and that they could take simple steps to edit who can see their personal data and therefore who can send messages to them. There is a clear and simple process to unsubscribe from Neighbourhood ALERT. This notification will be reinforced by NWS through ALERTs, newsletters and on their website.

Following the introduction of GDPR users will be regularly notified (every 6 months) about reviewing their permissions.

For new users there is now a revised Neighbourhood ALERT registration process.

  • It provides revised Terms and Conditions and a Privacy Statement.
  • At each stage of the registration process a clear statement is provided as to why the data is required.
  • Users are reminded that some aspects of the data has a ‘prefer not to say’ option.
  • For every approved Information Provider there is a clear and concise statement regarding each of them and the nature of the information they will provide.
  • To receive information from any of the providers new users will need to ‘opt in’ (basically tick the box) to receive from them.
  • A copy of the Terms and Conditions will be attached to the registration verification email that new users receive.

In addition Neighbourhood Watch Scotland will continue to reinforce the Terms and Conditions of use, Privacy Statement and Privacy Policy within their website and on any future published materials that supports the registration process and at every opportunity.

The Neighbourhood ALERT system has the primary aim of “getting the right information to the right people at the right time” so that users can make informed decisions about staying safe. The system has always operated with the highest levels of data compliance and its former integrity met much of the requirements of the new GDPR. However to ensure the best possible service and to continue keeping people feeling safe and secure necessary improvements will continue to be made.

How does this affect local Neighbourhood Watches?

Neighbourhood Watch Scotland received a few enquiries from local neighbourhood watch groups asking if they need to evoke new data protection arrangements in order to communicate with the members in their own group.

Our understanding is that GDPR will not affect you at a local Neighbourhood Watch level. Within your own NW administration and/or any email list held within your profile on the Neighbourhood ALERT network you will not be regarded as a ‘data controller’ nor a ‘data processor’. The primary focus of GDPR is on those organisations that hold large amounts of personal data that goes beyond names and addresses.

However, at a local level is still good housekeeping and administration to ensure that if you have your member’s emails, telephone numbers and addresses these details are kept up to date and you only keep them if it is necessary.

The General Data Protection Regulations are designed to make subscribers to information services, websites, social media groups etc. more aware of who can see their personal data, what they do with that data and who it may be shared with. People are being encouraged to take a greater responsibility for the provision of their own data. Neighbourhood Watch Scotland agrees that these changes are needed to stop organisations misusing your personal data.

Should you want to learn more about GDPR go to the Information Commissioner’s Office website at: