Regulatory change - General Data Protection Regulation (GDPR)

Posted on: 19 September 2017

Corporate News icon

The European Union General Data Protection Regulation (GDPR) will come into force on 25 May 2018.

With less than 12 months to go, we wanted to raise awareness of the regulation and what changes this could mean for you.
 

What is GDPR?

GDPR is a European Union regulation which sets out rules on handling, storing and processing the personal data of EU citizens. Even if you’re not based in the EU, if you process personal data of an EU citizen the rules of GDPR will still apply.

Failure to meet the requirements of GDPR could result in a fine of €20 million or 4% of the company’s global annual turnover, whichever is the greater.
 

What do you need to do?

If you process, handle or store personal data relating to EU citizens, you’ll have to be compliant with the GDPR by the 25th May 2018.

Download the full regulation from Europa.eu [PDF]

 
Some guidance has also been published by the Information Commissioners Office (ICO):

Overview of the General Data Protection Regulation (GDPR)

Preparing for the GDPR - 12 steps to take now [PDF]

 
Next steps

We’ll be updating your Terms of Business Agreement in line with GDPR and will be in contact as soon as these are ready.