General Data Protection Regulation (GDPR)

From 25 May 2018, all organisations that process personal information will need to comply with the General Data Protection Regulation (GDPR), whilst the new ePrivacy Regulation will bring changes to direct marketing rules and new obligations for IT-based communications providers.

These changes are to EU law and, despite the Brexit negotiations, the UK Government has confirmed that the UK will be implementing the new rules in full.

The GDPR includes new concepts such as the ‘right to be forgotten’ which businesses need to fully understand and prepare themselves for.  It’s not just reputation that is at stake for failure to comply – businesses will be liable for fines of up to 20 million euros worldwide or 4% of their annual turnover (whichever the greater) if they don’t take the necessary action to ensure they are compliant.

Our guide to the General Data Protection Regulation summarises the key changes that the new law will bring and highlights the most important actions that your organisation should be taking in preparing to comply with it. If you have any questions on GDPR our data protection and regulatory experts are available to answer your questions at GDPR@blakemorgan.co.uk.

Main contacts