The General Data Protection Regulation becomes enforceable on the 25 th of May 2018. These changes were approved by the European Parliament in 2016.
Unlike an EU directive, which gives countries a template for their local law, the GDPR is an EU Regulation and has binding legal force throughout every EU Member State, with very little room for individual governments to vary its terms.
The European Parliament has also said that any country outside the EU must comply with the GDPR if they wish to continue processing information about EU citizens.
The British National Party has always rejected the notion that British interests are somehow best served by passing responsibility for our laws to Brussels, where they can be influenced by an unelected elite.
We welcome the result of the EU Referendum in June 2016 and are proud to have campaigned for decades against the continued association between the EU and our own sovereign nation.
Despite the popular people’s choice in favour of Brexit, we are still bound by treaty to adopt the GDPR as a replacement for our existing Data Protection Act.
The BNP also recognises the practical advantages of a reciprocal arrangement, whereby certain rules are agreed in the interest of our citizens.
Our commitment to self-determination does not lessen the need for the people of Britain to engage with and be part of the wider world with a reasonable amount of security.
The British National Party has always given priority to the care of personal data and has taken steps to guard the privacy of our members and supporters.
We have always complied with the Data Protection Act and welcome any legislation, which gives our members and supporters increased freedom to express political opinion without fear of persecution by the authorities.
We will be monitoring the situation carefully as the new rules start to take effect and if we identify any changes, which we should make, then we will make them.
You can rest assured that your data has always been and will always be handled by us with the utmost care.
The British National Party is a political party, which is subject to the Representation Of The People Act, the Registration of Political Parties Act, the Political Parties, Elections and Referendums Act and other relevant statute.
The British National Party is an organisation, which has been subject to the Data Protection Act and is subject to the General Data Protection Regulation and other relevant statute.
For the purposes of the GDPR, the BNP is a Data Controller. The BNP makes use of Data Processors and holds personal information relating to Data Subjects.
The British National Party looks for guidance in the first instance to the Information Commissioner’s Office as the appropriate UK independent supervisory authority, having its legal basis within the GDPR.
The British National Party recognises that the GDPR is young legislation and that, although the goals of the Regulation may be clear, it has still to be tested in court and no best practice has yet been established.
The British National Party accepts that personal data can be defined as any information relating to an individual within their private, professional and public life.
Such data can include a name, a home or email address, a photo of a person, banking or financial information, posts made on the Internet, vehicle details or a computer’s IP address.
For the avoidance of doubt and until further guidance is made available from the ICO, the BNP qualifies personal data as that which would reasonably allow a natural person to become identifiable.
The British National Party looks to engage voters and sees this as a core value of any democracy.
In order to communicate with the public, the BNP is in a privileged position as a political party, in that it has access to the Electoral Register in both its open and full forms, including absent voters and to the details of those, who vote by proxy.
The British National Party also records and processes information as part of its ongoing engagement with the British people, including canvassing during elections, in order to gain, maintain and sustain public support.
The British National Party has an Internet presence, including an official website and various other channels such as social media. We record and process information as part of our communication with the public via these means as well as through face-to-face contact.
The British National Party does not purchase or use personal data from marketing companies.
The British National Party has never and will never sell information to any third-parties.
The British National Party will never share information with any third-parties, other than those in a contract to us to provide a necessary service as part of the day-to-day management of the Party. We will take every precaution to ensure that any such Data Processor acting on our behalf is compliant with the GDPR and does not make unauthorised copies of BNP data and does not share BNP data with any other person or group unless they are also in contract to us and then only when consent is explicitly given by us.
The British National Party operates at national, regional and local level. Any officer or member of the Party at any level will be required to sign an agreement to abide by both the rules of the BNP and the relevant legislation before any access is given to personal data.
The British National Party recognises that materials putting forward a political view, a stance on an issue or promoting a candidate are required under legislation to identify the party or group and to provide contact details. This is a requirement both under laws governing direct marketing and also under the statute relating to elections. It is also equally a requirement of any group campaigning against, rather than for, a candidate or party to identify themselves and to provide contact details.
The British National Party recognises that at least one lawful basis is required before personal data can be collected and processed. Any personal data processed by the BNP will satisfy one or more of the following conditions:
- Processing by the BNP or its agents is necessary for the performance of a contractual obligation between the individual and the BNP. One example of this would be to manage memberships.
- Processing by the BNP or its agents is necessary for the BNP to comply with a legal obligation. One example of this would be the submission to the Electoral Commission of the details of any individuals, who make donations to the Party beyond the set limits for anonymity.
- Processing by the BNP is necessary for the performance of a task, which is carried out in the public interest. One example of this would be canvassing using the Electoral Register.
- Processing by the BNP is necessary for the purposes of the legitimate interests of the Party. One example of this would be campaign management, although this does not outweigh the rights of the data subject as detailed within the GDPR.
- Processing by the BNP is carried out with the explicit consent of the individual, for a stated purpose and in a manner compliant with the GDPR. One example of this would be signing-up to a mailing list.
The British National Party supports the view that organisations should provide details to individuals on what information is held about them. Members and supporters have used existing legislation successfully in the past to obtain details about themselves, often held inappropriately or illegally, from organisations, which have attempted to discriminate against them.
The BNP recognises the individual’s right of access to personal information held within our records.
The British National Party recognises that people have the right to privacy and to change their mind. As far as is possible, the BNP will remove any personal data about an individual when a legitimate request is made to do so.
This applies to the withdrawal of consent and also to the ending of a contract between the individual and the BNP. This does not apply where the BNP has a legal obligation to keep a record of a person’s details.
The British National Party, after complying with a request to remove personal data for one purpose, such as a mailing list, may then be subsequently provided with similar data from the Electoral Services department of a local authority. This is clearly for separate purposes and although consent may be withdrawn, another lawful basis for processing may replace it.
The British National Party is regularly updated with personal data from the Electoral Register. Although we make every effort to avoid contacting individuals, who have asked us not to, the Party is powerless to keep track of Do Not Contact tagging information against fresh data when the Data Subject has also asked us to remove their details from our database.
The British National Party recognises that, like any political party, it may make use of a Freepost mailshot when certain criteria are met. Under current legislation, the political party is not responsible when an individual receives marketing material from a party, addressed to them personally, after making a request to the party that their details be erased. Until further guidance is received from the ICO or the process with Royal Mail changes, the BNP will make every effort to exclude such individuals but cannot guarantee that this will be successful.
The British National Party recognises that the GDPR applies to data, which can be used to identify an individual. The same principles do not apply to promotional material such as leaflet-drops and mailings, which are either unaddressed or addressed simply to “the occupier.”
The British National Party operates within the terms of the Privacy and Electronic Communications Regulations, which sit alongside the GDPR. One example of the application of this law is the use of cookies, which are small text files stored by your browser. You have control of cookies on your own device. If you choose to accept cookies from the BNP website, we will only use them to help you access BNP webpages. We do not access any information stored in a cookie placed by other websites such as Google or by any online shopping websites. Our cookies do not contain personal information. Our cookies do contain your public IP address.
The British National Party uses email, telephone and text messaging technologies. Again, this is only ever carried out in accordance with the Privacy and Electronic Communications Regulations and any personal information is processed only in line with our commitment to the public’s security.
The British National Party wholly rejects political correctness and the influences of cultural Marxism. As a party, we are committed to democracy and to the freedom of elections. We support the freedom of assembly and of association. Most of all, we object to any restriction placed on the people of Britain with regard to their freedom of thought, belief and expression. We ask any user of our website, social media or other Internet presence to treat others with respect. We cannot assume liability, either directly or indirectly, for the personal criminal actions of others, including officers of the party or members of the public, which contradict the British National Party’s standards of acceptable behaviour, the British National Party’s Constitution or any relevant statute.
The British National Party is not required to employ a dedicated Data Protection Officer. The principles of data protection are the duty of every officer and member of the Party.
Requests for information and requests for removal of information should be sent to Data Protection, PO Box 213, Wigton, Cumbria CA7 7AJ.
The British National Party notes the distinction between the GDPR and previous guidelines in that the right to be forgotten has been replaced by a right to be deleted. Requests for removal of personal details notwithstanding, the British National Party asserts its right to carry canvass returns, marked registers and other tools of democracy forward from one election to the next.
The British National Party notes that until further guidance is given, deceased persons are afforded different rights in that national legislation takes precedence over the GDPR. We make a commitment to treat our members and supporters with the same respect in death as in life.
The British National Party recognises that data breaches are considered under the GDPR to be a deliberate or accidental release of personal information to an untrusted environment. This could include lost data, unintentional disclosure and malicious hacking or theft.
The British National Party recognises its obligation to report any relevant data breach to the ICO within seventy-two hours. Any data breach is considered relevant if it is likely to have an adverse effect on an individual’s privacy.
The British National Party welcomes the increased enforceability of data protection laws. Historically, any perceived misuse has only been addressed through internal disciplinary action with further recourse under potentially very expensive civil law. The GDPR gives the ICO increased opportunity to prosecute anybody, who attempts to compromise the privacy of our membership.
Copyright © British National Party 2018, PO Box 213, Wigton, Cumbria CA7 7AJ