General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) was deemed to be the biggest shake-up in data protection to date and impacts all UK businesses. It raised the bar for security, privacy rights and compliance when keeping clients' information safe and secure.

Let's talk

The GDPR was designed to "harmonise" data privacy laws across Europe, including the UK Data Protection Act (1998), while also providing individuals with greater protection and rights in the digital domain.

From a business perspective, it now means more accountability of what businesses do with other people's data, especially in terms of how they use it, interact with it and store it. It gives clients new rights, with individuals receiving more control over all their personal data as well as extra security and controls to protect data.

We've been providing expert accountancy advice and helping contractors to focus on doing what they do best since 1992.

When did it take effect?

The GDPR came into force on 25 May 2018 and applies to all organisations in the EU, including the UK and regardless of the Brexit vote.

Penalties

Sanctions of £20 million or 4% of your annual turnover, whichever is higher, are in place for non-compliance.

These penalties are at the discretion of the Information Commissioner's Office (ICO), the UK's independent authority set up to uphold information rights in the public interest.

However, the ICO states that fines under the GDPR will be necessary, proportionate, and only ever applied as a last resort.

This is something for businesses to be aware of, we do not offer advice on GDPR.