• Technology
  • February 21, 2017

9 Important ways that GDPR will affect how your business trades

By Lawbite Team

Talk to a Lawyer Free Legal Help
‘GDPR’ is coming and every business needs to know how to prepare for its impact Complete our FREE GDPR Checklist today Every business should know by now how to operate within the regulations of the DPA (Data Protection Act). I know what you’re thinking. This is all way too simple. If only the EU could come up with an even more complicated law on data protection that would really test us. Well, they have, the new ‘General Data Protection Regulation’ (GDPR). ‘Damn’, I hear you say, ‘we will miss out because we are leaving the EU’. Nope. First of all, the new law comes into effect in the UK in May 2018, before the 2 year period for Brexit ends. In addition, the law is consumer-friendly and is, therefore, unlikely to be unravelled by the Government. Finally, if we want to continue to trade as freely as possible with the EU this will undoubtedly be one of those laws we have to continue to comply with, especially given that our sites will be accessible by EU citizens. So, you are not going to miss any of the fun of complying with GDPR. Essentially the new data protection regime moves the dial even further in favour of the User. Among many other changes here are some key elements you need to know before it comes into effect; 
  1. Your business will need to implement technical and organisational measures, document processing activities and appoint a Data Protection Officer if it is a public authority or if the core activities of the controller or the processor involve “regular and systematic monitoring of data subjects on a large scale” or where the entity conducts large-scale processing of “special categories of personal data”.
  2. The GDPR applies to “personal data”, but GDPR’s definition of personal data is more detailed than the DPA. The new definition provides for a wide range of information to constitute personal data. This is to reflect the changes in technology and the way organisations can now collect information.
  3. Under GDPR, you will have an obligation to put in place organisational measures to show how you integrated data protection into your processing activities.
  4. This means that privacy in a service or product should be taken into account from the start of a product concept.
  5. Data subjects will have greater access to their data - you can no longer charge them £10 for that purpose.
  6. Data subjects will have a ‘right to be forgotten’ or a ‘right to erasure’ of their data.
  7. The regime around giving consent is tougher. Businesses will need to ensure that data subjects can withdraw their consent to their data being processed. Businesses must also ensure that consent is “explicit” for processing sensitive data. The onus will be on the business to show that the consent was given. Where personal data is processed for direct marketing the data subject will have a right to object. The right to object will have to be explicitly brought to their attention.
  8. Parental consent will be required for the processing of personal data of children under age 16. The Individual EU Member States may lower the age requiring parental consent to 13.
  9. Fines for major breaches of the GDPR could reach up to the higher of 4% of annual worldwide turnover and EUR20 million. Other infringements could attract a fine of up to the higher of 2% of annual worldwide turnover and EUR10m. You will be laughing on the other side of your face if you have to pay a fine like that. Have you ever tried laughing on the other side of your face? It takes years of practice and can give you neck ache, so, best to avoid it - and avoid paying those fines too…
At LawBite we help UK businesses to grow and stay protected on the right side of the law. If you have any questions or concerns on data protection and trading safely you can contact one of our expert LawBriefs today for a FREE consultation on 020 7148 1066.    

In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.

Related Articles

Read more of our latest blog posts, featuring all the latest legal news, analysis and opinion from our expert lawyers.

blog image
  • By Lawbite Team
  • September 20, 2021
How to Gain Consent Under the GDPR

Even several years after the introduction of the General Data Protection Regulations (GDPR) in 2018, there is still a lack of understanding about h...

blog image
  • By Lawbite Team
  • September 15, 2021
How to Run a Data Subject Access Request (SAR)

Whether you are a small, medium, or large organisation, receiving a subject access request (SAR) or data subject access request (DSAR) and handling...

blog image
  • By Lawbite Team
  • September 15, 2021
What are the Privacy and Electronic Communications Regulations 2003?

In the era of digital communication and big data, it is more important than ever to protect the rights and privacy of customers, whether these are ...


LawBite can help you

LawBite is on a mission to provide business legal advice that is easier to access, clearer to understand and much cheaper. Our on-line legal advice platform can quickly connect you with expert business legal advice. Our friendly, highly qualified business lawyers, solicitors and mediators will give you the guidance and reassurance that comes from customised legal advice for small and medium sized business.

Whether you are bringing or defending a legal claim, outsourcing work, want a business contract review to ward off disagreements, talk to an expert trademark lawyer, resolve a contractual dispute with methods like mediation and arbitration, or getting your new company set up and on the right footing with a robust shareholder agreement and GDPR standards, we can help you succeed.

defend a claim

Talk to a Lawyer

Book a Call
defend a claim

Essentials Plan