The Data (Use and Access) Act 2025 introduces a new requirement for data controllers to implement a data protection complaints procedure – and the deadline to do so is 19 June this year. For trustees, this is primarily about ensuring that members have a clear route to raise concerns about how their personal data is handled, and that those concerns are dealt with appropriately and promptly.