Expertise : General Data Protection Regulation
What is GDPR?
GDPR is the General Data Protection Regulation; an EU sanctioned directive that enhances the 1998 Data Protection Act. It was passed by the EU in April 2016 and a two year grace period was given for organisations to become compliant.
Who does GDPR effect?
The legislation affects any organisation that is involved in the processing (collection, storage and usage) of certain categories of personal data on EU citizens. This includes data held by companies not within the EU.
When does it come into effect?
GDPR legislation came into enforcement on 25 May 2018, and although the GDPR is European Law and the UK has voted upon leaving the EU, GDPR will be directly applicable to the UK which was still a member state of the EU on the date of commencement. Once the UK leaves the EU, the GDPR will continue to apply as it will be incorporated into UK domestic law.
What can happen if you are non-compliant?
Organisations will be fined for failing to comply, with the maximum fine being 4% of total global turnover or €20 million, whichever is greater.
How can Auditel help?
We understand that every organisation is unique, and that is why each client deserves a bespoke service to fit their business needs. Auditel’s consultant network are available to help you through your GDPR journey.
With the deadline already passed; the time to act, if you have yet to start, really is now. To start your GDPR journey with Auditel, or for some completely impartial advice, please complete the form below and a member of the team will be in contact.
For more detailed information on GDPR please visit the ICO website.