What is GDPR? Top 4 questions on GDPR legislation

18th October 2017Blog

Are you ready to get in touch?

Request a Call back

Top four questions on the GDPR legislation answered

We’ve been speaking to many clients and prospects about the change to data protection and privacy laws, and everyone has at least the same four questions.

GDPR compliance for businessses

What is GDPR?

The General Data Protection Regulation is a European regulation designed to give citizens greater control over their personal data and to protect it from loss or misuse. It replaces the existing DPA regulation in the UK and applies to essentially any organisation that holds data on citizens of member states of the European Union. So, if you have customers, employees or partners who are EU citizens, you are impacted.

As well as requiring companies to collect, store and use personal data securely, fairly, accurately and responsibly, GDPR legislation gives individuals new rights in eight key areas:

  • to be informed about the data you hold on them
  • to access the data
  • to rectify it
  • to delete it
  • to restrict how you process it
  • to take it elsewhere
  • to object to its usage
  • to have it excluded from automated decision-making and profiling

When did it come into force?

It came into force on the 25th May 2018.

How has data classification changed following the implementation of new privacy regulations?

All organisations need to revisit their processes for seeking, storing, and managing consent from EU citizens for use of their personal data.

Note that “personal data” is defined in the GDPR as any information (e.g. an IP address) that could be used to identify a natural person.

A key principle is that GDPR requires users to opt-in for the use of their data (where the current DPA protects their right to opt-out).

The other major change is that you’ll need to be prepared to respond rapidly to requests from EU citizens to access, update, correct or delete their data.

Why does Brexit not affect GDPR?

Any organisations dealing with EU citizens (regardless of the location of that activity) will still be required to comply with GDPR.

If you would like to discuss your requirements, please contact us for more information.

See more information from the ICO

Contact us


Interested in seeing our Data Protection and GDPR solutions in action?

Request a demo or contact sales on: 0207 448 8500

Contact us

Our Awards & Accreditations