Like all organisations that keep or process personal data, we have been updating our systems and policies to take account of the new general data protection regulation (GDPR); which applies from the end of May 2018. The regulation gives more control to individuals over their personal information. It also places far more responsibility on organisations that collect and hold personal information to keep that information safe and secure.