The new guidelines for GDPR come into force 25th May 2018. MelanomaMe holds data classified as “personal data” and “sensitive personal data” This information is held both manually and on computer. Where the company holds files or information on an individual, they are held on them to comply with the project requirements. They can view manual files by putting requests in writing giving a 24 hour notice. No information will be used for direct promotion or sold or passed to third parties unless agreed with the service user and in case of young people their parent’s consent. All information is stored securely in locked cabinets. All data held on computer is only accessible by authorised staff members via a password. Counselling information will be held under a coded correspondence that can’t be linked to a service users name or contact details. Personal information will be deleted from messages or emails and stored as above. Service user’s data will only be collected for the purpose of referral information and held for a maximum of 7 years after no longer accessing MelanomaMe’s services. All service users are given the option to opt out of email, telephone or text messages. Service users have the right to ask for their information to be taken of MelaonmaMe’s accessible data. However, counselling information will be kept securely filed as above and only accessed if the service user gives written permission, to which this will then be correctly destroyed after 7 years of the service users no longer accessing MelanomaMe’s services.