Data Protection Policy
Data Protection Exemptions
The Data Protection Act 2018 defines exemptions to the application of certain requirements under the UK GDPR. Appendix C provides a breakdown of the exemptions to the UK GDPR and are cross-referred to the requirements (Articles) of the UK GDPR. The application of the exemptions in certain circumstances is quite complex and will require reference to specific guidance within the Data Protection Act 2018, which is why the table cross-refers to the relevant section of the Act. Advice should be sought from the Data Protection Officer via the Information Governance team.
In order to meet the Accountability requirement, the rationale for applying an exemption must be documented and retained. If the ICO receives a complaint they will ask for this information when assessing the complaint