Your privacy is very important to Middletown Centre for Autism and maintaining your trust is paramount to us. We believe in being transparent about the personal information we collect and how we use it. We want to let you know about our improved and easier to navigate Privacy Policy which explains how we collect, use and manage your personal data.

From the 25th Of May 2018 GDPR becomes effective and provides additional protection of your Data.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) regulation, which replaces the Data Protection Directive 95/46/EC. The GDPR is intended to harmonize the patchwork of data privacy laws across its member states. The objective of GDPR is to protect all EU residents from privacy and data breaches in an increasingly data-driven world. The GDPR seeks to accomplish its objective by providing certain rights and freedoms to EU residents in relation to the processing of their personal data.


Why was GDPR adopted?

The GDPR was adopted by the EU Parliament to:

  • Create consistency within all the member states of the EU as to the rules regarding data protection, implementation of the law, and how the rules are enforced
  • Modernize the principles laid out in the 1995 Data Protection Directive (Directive 95/46/EC), which was written before the advent of social media, “smart” mobile devices that now can access things like cameras and geolocation information, and the ubiquity of online services and communications
  • Reinforce the rights of individuals to control and protect their personal data
  • Strengthen the EU internal market, ensuring stronger enforcement of the rules, streamlining international transfers of personal data and setting global data protection standards


When will GDPR take effect?

The GDPR is currently scheduled to be effective on May 25, 2018.

Who does GDPR apply to?

The GDPR applies to:

  • Organizations located within the EU
  • Organizations located outside of the EU if they offer goods or services to (even for free), or monitor the behavior of, EU residents
  • Organizations processing and holding personal data of EU residents, regardless of the organization’s location