Frequently Asked Questions
Does my business need to worry about data protection?
In the UK, all businesses that collect personal information about their customers and employees must be compliant with data protection regulations. Given that almost all businesses now collect some form of personal data, very few are exempt. It’s key any personal data is collected and stored securely, and it must be transparent how your businesses will use an individual’s personal data.
What is the GDPR?
The General Data Protection Regulation (GDPR) is an EU law concerning the privacy of personal data. The law has several core components which cover accountability, accuracy, security, storage, transparency, what is collected, and why. GDPR applies to any company processing data of EU citizens.
Non-compliance with GDPR can prove costly, as fines can reach £20 million or 4% of global annual turnover (whichever is higher). It’s therefore imperative that businesses processing personal seek astute legal advice to ensure compliance.
Does GDPR apply in the UK?
Despite leaving the EU, the UK retains the GDPR in domestic law. This is called UK GDPR and it sits alongside the Data Protection Act 2018 at the forefront of the UK’s data privacy laws.
One difference is that whilst the original GDPR concerned the processing of EU citizen data, the UK GDPR concerns the processing of UK citizen data. There are also implications concerning the processing and transferring of data across borders that business should ensure they are familiar with.