The Data Protection law is changing, with a few weeks remaining until GDPR comes into effect are you taking steps to become compliant? If you haven't heard of GDPR please read on!

OVERVIEW

A European privacy law approved by the European Commission in 2016. The GDPR is an attempt to strengthen, harmonise, and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right.

If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you'll need to comply with the GDPR.

The GDPR regulates, among other things, how individuals and organisations may obtain, use, store, and eliminate personal data. 

GDPR will apply to any organisation processing personal data of EU citizens—regardless of where it is established, and regardless of where its processing activities take place.

It applies directly in all 28 EU member states and comes into effect 25 May 2018. Compliance is mandatory for organisation controlling and processing the personal data of EU residents.

GDPR equally applies to B2B as it does B2C marketing communications.
 

WHEN DOES THE NEW REGULATION START?
May 25, 2018

WHO WILL ENFORCE IT IN THE UK?
The Information Commissioner's Office

WHAT'S NEW?
There are new rights for people to access the information companies hold about them, obligations for better data management for businesses and a new regime of fines.

DOES BREXIT MATTER?
The UK is implementing a new Data Protection Bill which largely includes all the provisions of the GDPR. There are some small changes but our own law will be largely the same.

WHAT IS PERSONAL DATA?

“Any information relating to an identified or identifiable natural person (‘data subject’)”

This includes:

- Name

- Email Address

- Phone number

- Address

- IP address

- Cookies

'PROCESSING' DEFINITION

“Means any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated , means, such as collection. Recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure of destruction.”

6 LEGAL GROUNDS FOR PROCESSING PERSONAL DATA

-Consent

-Contract

-Legal Obligation

-Vital Interests

-Public task

-Legitimate interests

ESSENTIAL LINKS

Guide to the General Data Protection Regulation (GDPR)

Difference between GDPR and ePrivacy

Suzanne Dibble - The Small Business Law Expert

Join our mailing list

Be the first to receive free eBooks, productivity tips and updates. We respect your privacy.