The General Data Protection Regulation (or GDPR) is intended to protect the personal data of individuals. It does so by imposing strict rules on how personal data is handled and secured, and provides people with rights that will keep them in control of their data.

From 25 May 2018, the GDPR will replace the UK’s existing data protection regime, regardless of Brexit. It is onerous and, for many organisations, will be their most significant compliance obligation. Failing to prepare for the GDPR could result in large fines, reputational damage, civil claims from individuals, and breaches of contract.

Our short guide gives an overview of what it covers.

Download it here: GDPR data card

The content of this page is a summary of the law in force at the present time and is not exhaustive, nor does it contain definitive advice. Specialist legal advice should be sought in relation to any queries that may arise.