The General Data Protection Regulations (GDPR) came into force on 25^th May 2018. GDPR replaced the Data Protection Act 1998.

Background

The European Union has introduced the GDPR to update and harmonise data protection practices across the EU. It applies to all European Economic Area countries (EEA) and also to any individual or organisations trading with them.

Why the change?

The GDPR aims to update data protection to meet the new challenges of the 21st century. It increases protection for consumers and places increased obligations on individuals and organisations to both ensure and evidence that they handle personal data correctly and securely.