GDPR…attack of the acronyms!
Download the whitepaper before it's too late!
What is GDPR?
The General Data Protection Regulation (GDPR) is a new European privacy regulation. It is aimed at strengthening and aligning protection of personal data of all European residents. The regulation covers acquiring, storing and usage of personally identifiable and sensitive data. It enforces rights for individuals to acquire their own personal data, have it corrected or removed. The regulation gives European residents more control over their own personal data. GDPR comes into force across Europe from 25th of May, 2018.
Who does GDPR apply to?
The regulation applies to all companies that gather, store and process data of European citizens. This also includes companies that might be based outside of the European Union. Any company that processes European citizen data is required to provide reasons for acquiring and processing data, document the processing process, ensure appropriate data handling security and discard or anonymise the data after the reasons for processing no longer apply.
Learn more about GDPR from illuminate online
Seven GDPR guiding principles
Watch the replay of the MiFID II webinar with Phil Young
Nucleus' most recent white paper, MiFID II - a guide for financial advisers has been prepared in partnership with Phil Young of Zero Support.
On this webinar Phil discusses the white paper and the context and purpose of MiFID II, how the FCA plan to interpret and apply it to the UK and how it will affect advisers, and what actions they will need to take to meet the changes in this legislation.
Your GDPR jargon glossary
What about Brexit?
Brexit is unlikely to have a significant impact on GDPR. Not adopting regulations equivalent to GDPR means the European Commission could reject the UK's application for adequacy status. This is required for the free flow of information between the UK and EU without the need of separate contractual arrangements.
So while GDPR could be amended or watered down post Brexit, it's best to assume this will not happen in any material way. The UK's own data protection bill clearly indicates a UK intention to replicate GDPR post-Brexit.