Data Protection

Data protection fee exemptions are being reconsidered - have your say

Many Making Music member groups are currently exempt by law from paying a data protection fee as they process personal data for n

GDPR: Data Protection Overview

Data protection is about organisations collecting and using data in a fair, responsible and transparent way. It puts the emphasis on needing a good reason for holding and using the data and being clear about what those reasons are. It also emphasises the need to have consent from individuals (in some situations), and the individual’s rights over their data. New data protection laws (often referred to as GDPR) came into force in May 2018.

GDPR: Privacy notices and statements

A key part of your responsibilities under GDPR is to provide easily-understandable and accessible information to individuals at the point at which you are collecting their data - these are called privacy statements.

GDPR: Template privacy notice and statements

On this page you will find various template documents to help you prepare for GDPR together with links to notes and guidance to help you use them.

Data protection and retention policy

This policy is an internal document that sets out your organisation's approach to using data. It is a set of rules and principles for the people running your group, or working with it, about how to treat data.  

Data Protection and Retention Policy template

This is a template Data Protection and Data Retention Policy for use by Making Music members. It has been designed in line with General Data Protection Regulations (GDPR) and can be used as it is - with just your specific details (e.g. group name) added in, or taken as a starting point with changes made to suit your specific activities and circumstance.

Data retention: what you need to know

This guidance looks at data retention in relation to the new General Data Protection Regulation (GDPR).  You can find out more about GDPR in our GDPR toolkit, including a template Data Protection and Retention Policy. 

Data Protection Policy template - notes

We have developed a template Data Protection and Retention policy for use by our member groups. It has been designed in line with General Data Protection Regulation (GDPR) and can be used as it is - with just your specific details (e.g. group name) added in, or taken as a starting point with changes made to suit your specific activities and circumstance.

GDPR interactive guidance tool

This audit tool is part of our GDPR toolkit. It is intended to help you think about the questions you need to ask about the data your group holds, asks for and uses, to help you meet your data protection responsibilities.

How to use the audit tool

GDPR is a meaty topic with lots of information, not all of which will be relevant to you. This tool is designed to help you filter the information to what is relevant for your group.

GDPR: What you need to know

Data protection is becoming an increasingly prominent issue. The General Data Protection Regulation (GDPR) in May 2018 tightened up the data laws and led to the Data Protection Act 2018, getting a fair bit of media attention in the process.

The new rules can appear complex, hard to apply and perhaps a bit restrictive. For leisure-time music groups though, it’s mostly about common sense and simple reasonable measures to make sure you are using the data you hold in a fair, reasonable and secure way. 

The General Data Protection Regulation (GDPR)

We have had a few enquiries recently about the new data protection regulations –GDPR– due to take effect from May 2018.