GDPR…attack of the acronyms!

    00 Days
    00 Hours
    00 Minutes
    00 Seconds

    Download the whitepaper before it's too late!

    Hubspot form settings

    Change the portalId and formId numbers in the code below

    Portal id: 316077

    Form id: 8a698780-9ae5-4c12-93ee-d189dd4625b6

    What is GDPR?


    The General Data Protection Regulation (GDPR) is a new European privacy regulation. It is aimed at strengthening and aligning protection of personal data of all European residents. The regulation covers acquiring, storing and usage of personally identifiable and sensitive data. It enforces rights for individuals to acquire their own personal data, have it corrected or removed. The regulation gives European residents more control over their own personal data. GDPR comes into force across Europe from 25th of May, 2018.

    Who does GDPR apply to?


    The regulation applies to all companies that gather, store and process data of European citizens. This also includes companies that might be based outside of the European Union. Any company that processes European citizen data is required to provide reasons for acquiring and processing data, document the processing process, ensure appropriate data handling security and discard or anonymise the data after the reasons for processing no longer apply.

    Watch the GDPR webinar


    With the topic of GDPR hot on everyone's lips, why not get up to speed by watching this webinar presented by
    Phil Young of Zero Support.

    Phil will discuss the content of the GDPR white paper, the guiding principles of GDPR, mapping data,
    document processes and drafting policies for staff.

    Seven GDPR guiding principles

    1. Lawfulness, fairness and transparency: Data must be processed lawfully, fairly and in a transparent manner in relation to the data subject

    2. Purpose limitation: Data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

    3. Data minimisation: Data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

    4. Accuracy: Data must be accurate and kept up to date. Every reasonable step must be taken to ensure that personal data that is inaccurate is erased or rectified without delay
        
    5. Storage limitation: data must be kept in a form which permits identification of data subjectsfor no longer than is necessary

    6. Integrity and confidentiality: data must be processed in a manner that ensures appropriate data security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage 

    7. Accountability: The data controller must be responsible for, and be able to demonstrate compliance with all of the above principles

    Your GDPR jargon glossary

    GDPR is broadening the definition of what constitutes personal data compared to that in the data protection act (DPA). As well as traditional personal data such as email, contact details, any identification numbers, IP addresses and locations are now included.

    Each person to which the personal data refers is known data subject

    What about Brexit?

    Brexit is unlikely to have a significant impact on GDPR. Not adopting regulations equivalent to GDPR means the European Commission could reject the UK's application for adequacy status. This is required for the free flow of information between the UK and EU without the need of separate contractual arrangements.

    So while GDPR could be amended or watered down post Brexit, it's best to assume this will not happen in any material way. The UK's own data protection bill clearly indicates a UK intention to replicate GDPR post-Brexit.

    Download our GDPR whitepaper