GDPR Information

AHTUTU – General Data Protection Regulations

Ahtutu is a non-profit organisation and therefore not required to register with the Information Commissioner’s Office under data protection legislation.

However, under GDPR guidelines, Ahtutu adheres to the data protection principles which set out the main responsibilities for all organisations.

Ahtutu complies with the GDPR principles, which require that personal data is:

1. Processed lawfully, fairly and in a transparent manner in relation to individuals
2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
4. Accurate and, where necessary, kept up to date
5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

ENQUIRIES

For enquiries about our GDPR policy and procedures, please use our Contact Form .