
What is GDPR?

Chris
Written on 18th December 2017

In April 2016 the EU passed new regulations regarding the processing of personal information, which come into effect on 25th May 2018. These changes will have a massive impact on all UK organisations. In the run-up to May we'll be posting further information regarding the GDPR and how we can help you prepare.

The General Data Protection Regulation (GDPR) is a new EU-wide regulation coming into force from 25th May 2018, following a two-year transition period. The purpose of GDPR is to improve and align data protection for all individuals within the European Union (EU).

These changes will be written into UK law prior to the UK’s withdrawal from the EU, replacing the Data Protection Act of 1998, as indicated in the Queen’s Speech in July 2017.

The consequences of non-compliance are severe, with fines of up to £20 million or 4% of a company’s global turnover from the previous financial year, whichever is higher. Fines are likely to be issued after a written warning of non-compliance and regular periodic data protection audits.

Key points

  • Consent  – offering individuals choice and control over the information they provide and the options they select. This means no more pre-ticked boxes or opt-in methods designed to confuse.
  • Right to be forgotten  – An individual has the right to obtain personal data concerning themselves without undue delay and can request its deletion.
  • Data breach  – All organisations will have a duty to report data breaches to the individuals affected as well as the relevant supervisory authority.

Key definitions

  • Controller  – determines the purposes and means of processing personal data. For an agency such as ourselves, this is usually our clients.
  • Processor  – is responsible for processing personal data on behalf of a controller. For our clients, this is usually Webnetism.
  • Personal data  – any information related to a person that can be used to identify that person. This includes email address, name, mobile number and location, in both digital and manual records.
  • Consent  – freely given, specific, informed and explicit consent by statement or action signifying agreement to the processing of their personal data.

Useful information

Information Commissioner’s Office: Preparing for the General Data Protection Regulation (GDPR) – 12 steps to take now

European Commission: Reform of EU data protection rules

DMA: Webinars and updates

Full law text: General Data Protection Regulation (GDPR), as of 27th April 2016


Need help bringing your website up to speed with the GDPR?

Get in touch
