Privacy, GDPR and the College

General Data Protection Regulation (GDPR) and Your Personal Data

From 25 May 2018, current Data Protection legislation will be replaced by the General Data Protection Regulation (GDPR). The key principles of data protection will hold true but will be strengthened, for example, in the areas of transparency, data minimisation, data accuracy and accountability.

What is data protection and why does it matter?

In order to carry out its activities, The Royal College of Surgeons of Edinburgh has a legitimate need to collect and process information about its members and about people who take part in College-run activities. We process a range of data about our members so we can manage their membership and provide them with information about appropriate College products, activities and services.

Data protection legislation sets out strict requirements for the collection, processing, protection and disposal of your personal data. The College follows these requirements and principles with the greatest care:

  • We only use your information for the purpose we collected it for.
  • We do not share your details outside the College Group unless you have explicitly given us permission to do so, or there is a legal obligation to do so.
  • We will never sell your information to a third party.
  • You can ask us to provide you with a copy of the information we hold about you and to have any inaccuracies in your information amended.

How is the College adhering to GDPR?

Over the last year, we have been working to ensure that our processes meet the GDPR requirements.

  • We have reviewed and updated our policies, in particular our Data Protection Policy.
  • We have reviewed and strengthened our internal processes around Subject Access Requests, Breaches and Information Security.
  • We have updated our Privacy Statement, which provides more information on how we handle and secure your information.
  • We have reviewed our disclaimers on applications forms, to clarify at the point of collection what we need to collect, for which purpose, how we will use it and how we will keep it secure.
  • We are making sure we give you more control over the data you give us, over the way we use this information, and over the way we contact you. You can review your preferences and update your personal details at any point by logging into your contact preferences.

Further information

If you would like to find out more about data protection and the GDPR, please see the Information Commissioner’s Office website. If you have any specific question about the way the College handles your data, please contact


back to top of page