I work for a registered charity, which is a youth organisation.
I'm currently looking for advice from other charities around "Data Protection".
We're aware of our obligation to obey by Data Protection act of 1988 and 2003.
We currently do abide by these laws, but from reading it seems we need to have a data protection policy in place?
I've a few questions:
1. Can anyone confirm that we are obliged to have and publish a data protecttion policy?
2. Is there perhaps a Data Protection Policy template that sort of "fits-all" for charities?
3. Are charities in any way exempt from any part of the Data Protection Acts (I believe in the UK this is the case)
3. can anyone who has experience in this area please advise me, and let me know their experience of getting a data protection policy in place for a charity/youth organisation?