• Technology
  • February 21, 2017

9 Important ways that GDPR will affect how your business trades

By Lawbite Team

Talk to a Lawyer Free Legal Help
‘GDPR’ is coming and every business needs to know how to prepare for its impact Complete our FREE GDPR Checklist today Every business should know by now how to operate within the regulations of the DPA (Data Protection Act). I know what you’re thinking. This is all way too simple. If only the EU could come up with an even more complicated law on data protection that would really test us. Well, they have, the new ‘General Data Protection Regulation’ (GDPR). ‘Damn’, I hear you say, ‘we will miss out because we are leaving the EU’. Nope. First of all, the new law comes into effect in the UK in May 2018, before the 2 year period for Brexit ends. In addition, the law is consumer-friendly and is, therefore, unlikely to be unravelled by the Government. Finally, if we want to continue to trade as freely as possible with the EU this will undoubtedly be one of those laws we have to continue to comply with, especially given that our sites will be accessible by EU citizens. So, you are not going to miss any of the fun of complying with GDPR. Essentially the new data protection regime moves the dial even further in favour of the User. Among many other changes here are some key elements you need to know before it comes into effect; 
  1. Your business will need to implement technical and organisational measures, document processing activities and appoint a Data Protection Officer if it is a public authority or if the core activities of the controller or the processor involve “regular and systematic monitoring of data subjects on a large scale” or where the entity conducts large-scale processing of “special categories of personal data”.
  2. The GDPR applies to “personal data”, but GDPR’s definition of personal data is more detailed than the DPA. The new definition provides for a wide range of information to constitute personal data. This is to reflect the changes in technology and the way organisations can now collect information.
  3. Under GDPR, you will have an obligation to put in place organisational measures to show how you integrated data protection into your processing activities.
  4. This means that privacy in a service or product should be taken into account from the start of a product concept.
  5. Data subjects will have greater access to their data - you can no longer charge them £10 for that purpose.
  6. Data subjects will have a ‘right to be forgotten’ or a ‘right to erasure’ of their data.
  7. The regime around giving consent is tougher. Businesses will need to ensure that data subjects can withdraw their consent to their data being processed. Businesses must also ensure that consent is “explicit” for processing sensitive data. The onus will be on the business to show that the consent was given. Where personal data is processed for direct marketing the data subject will have a right to object. The right to object will have to be explicitly brought to their attention.
  8. Parental consent will be required for the processing of personal data of children under age 16. The Individual EU Member States may lower the age requiring parental consent to 13.
  9. Fines for major breaches of the GDPR could reach up to the higher of 4% of annual worldwide turnover and EUR20 million. Other infringements could attract a fine of up to the higher of 2% of annual worldwide turnover and EUR10m. You will be laughing on the other side of your face if you have to pay a fine like that. Have you ever tried laughing on the other side of your face? It takes years of practice and can give you neck ache, so, best to avoid it - and avoid paying those fines too…
At LawBite we help UK businesses to grow and stay protected on the right side of the law. If you have any questions or concerns on data protection and trading safely you can contact one of our expert LawBriefs today for a FREE consultation on 020 7148 1066.    

In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.

Related Articles

Read more of our latest blog posts, featuring all the latest legal news, analysis and opinion from our expert lawyers.

blog image
  • By Lawbite Team
  • July 27, 2021
Data Protection - European Commission adopts adequacy decisions for the UK

On 28 June 2021, the Commission adopted two adequacy decisions in relation to the United Kingdom, under the General Data Protection Regulation (GDP...

blog image
  • By Lawbite Team
  • May 26, 2021
Your Post-Brexit GDPR Refresher

This month the General Data Protection Regulations (GDPR) celebrates its second birthday. Thinking back to the months preceding May 2018 you are li...

blog image
  • By Lawbite Team
  • November 16, 2020
ICO Fines - Not Just Big Companies Under Scrutiny on GDPR

The supervisory authority for GDPR compliance, the Information Commissioner's Office (ICO), has recently published its decision to fine British Air...


LawBite can help you

LawBite is on a mission to provide business legal advice that is easier to access, clearer to understand and much cheaper. Our on-line legal advice platform can quickly connect you with expert business legal advice. Our friendly, highly qualified business lawyers, solicitors and mediators will give you the guidance and reassurance that comes from customised legal advice for small and medium sized business.

Whether you are bringing or defending a legal claim, outsourcing work, want a business contract review to ward off disagreements, talk to an expert trademark lawyer, resolve a contractual dispute with methods like mediation and arbitration, or getting your new company set up and on the right footing with a robust shareholder agreement and GDPR standards, we can help you succeed.

defend a claim

Talk to a Lawyer

Book a Call
defend a claim

Essentials Plan