The European General Data Protection Regulation came into effect in May 2018 and was designed to protect individuals’ data from unauthorised use or disclosure and invasions of privacy. The GDPR will no longer apply in the UK in its current form, albeit the Data Protection Regulations 2019 effectively introduce the ‘UK GDPR’ into national law, supported by the Data Protection Act 2018. In short, it means that businesses will continue to need to comply with the GDPR’s requirements albeit under a different regulation.
Action: have you updated any policies and references to GDPR in your documentation and on your website? Have you appointed an EEA representative and updated your policies and website accordingly?
These notes have been prepared for the purpose of an article only. They should not be regarded as a substitute for taking legal advice.