Recent Data Protection laws and GDPR have changed how we need to keep and look after data. Understanding your responsibilities when it comes to online forms and personal data isn’t easy.

That’s why the Web Team, advised by central compliance teams, is issuing some guidance on how to handle it.

• Data shouldn’t be kept in Contensis. Make sure you download any data collected by forms and keep it securely. Delete any data on the CMS you have copies of elsewhere
• Don’t keep forms online if they’re no longer needed. You need to be careful not to accidentally get data you didn’t want
• You are responsible for the data collected by forms, so make sure you’re aware of your responsibilities under GDPR, or talk to Information Compliance about training

All forms that are created in Contensis save the entries submitted on Contensis, even if you also have them go to an email address. This is form data, and you might not have even realised it was being created by your forms.

To help this process along, the Web Team will be deleting all existing form data older than 3 months that they haven’t had a specific request to keep. Remember, you should be moving this data to somewhere more secure as soon as possible.

Let the Web Team know by Saturday 1 February 2020 about any data you absolutely need to keep in Contensis. Make sure you move your data before then. If you don’t know how to do this, ask your local web coordinator for help.