Triratna Resources

Some info on GDPR (data protection law)

On Tue, 3 September, 2019 - 21:29
Development Team's picture
Development Team

If you have further questions about the new legislation around data protection feel free to get in touch and we may be able to help or put you in touch with others with experience in this field 

info [at]

Also, the ICO has an advice line for small organisations which you can call if you have any tricky questions - 0303 123 1113 and select option 4 

You may also find information on their website of interest

Additional info added March 2018: 

(1) Abigail Luthmann from Dhanakosha Retreat Centre had a conversation recently (Feb 2018) with a member of the Information Commissioners Office helpline about using existing data.  You may find it useful and it’s attached to this post now. 

Please do also note her final conclusion which is the same that I got to in my research on the new data protection act: the main thing is

“it’s important to be able to justify what you have done basically – and to have had that signed off at the charity board level.

You need to be able to emphasise that you’ve taken good care of people’s data, responded to requests not to contact folk and that any contact you have made can be justified at some level of legitimate interest/soft opt in.”

… and for most of us in Buddhist Centres we can hopefully assume that “the goodwill of those we are contacting means it is less likely that there will be challenges”.

(2) Update on the privacy policy template: following advice from Samudradaka I have updated and corrected point 4 of ‘sharing and disclosure of information we collect’ of the privacy policy template which relates to the servers hosting all dharmachakra website in the EU, so you may wish to update your Centres privacy policy if you have used this template 

3) And finally, here is a little video that explains GDPR quite well:

on - GDPR compliance 

Log in or register to respond


Munisha's picture

Some of you may wonder questions about how data protection law affects the sharing - and storage - of information related to Safeguarding.

The short answer is that in the UK, the Data Protection Act 2018 contains an amendment specifically to permit the careful and limited sharing of information in order to address or prevent harm and crime - only between the few who need to know in order to address the matter effectively and swiftly.

Here is a document the Safeguarding team put out in 2018 to complement the ‘Changes to Data Protection’ document attached to the post above. It covers how to store confidential information/case notes securely, as required of Safeguarding officers in Britain.

And for those of you who live outside the UK… things may be very different indeed. In Sweden, where I live, the storage of confidential sensitive personal information or case notes by a charity/förening is completely forbidden! So check the law in your country.