What is GDPR?
The GDPR (General Data Protection Regulations) which came into force in May 2018, creates new and higher standards of compliance than applied previously for organisations collecting and using customer data.
Whenever you collect and use identifiable personal data
about customers (like name, email, address and preferences) you need to stay compliant with the law.
If you don’t comply, you can be fined by the regulator (the ICO - Information Commissioner’s Office) – up to 4% of your turnover. Or, even more worryingly, the ICO can issue a ‘Stop Now’ order, which prevents you from collecting or using personal data at all, either permanently or until you have complied with their requirements.
What is the UK GDPR?
During the Brexit transition period which lasted from January 2020 to 1 January 2020 (EU Exit Day), the GDPR applied to UK organisations as it had done since its implementation in May 2018.
As with many other EU laws, the principles and regulations of the GDPR were transposed into what is now known as the UK GDPR. From Brexit Day, the EU GDPR ceased to apply to UK personal data; however, it continues to apply to EU personal data processed by UK-based organisations.
If you are wondering if you need a EU Representative for GDPR Compliance, ask yourself the following questions:
- Does my business process large amounts of data from EU data subjects or process special categories of data?
- Does my business have an office in the EU?
If the answer is yes for the first question and no for the second question, your business must appoint a GDPR Data Representative. If the answer is yes for both questions, you must appoint a Data Protection Officer (DPO). This rule applies to businesses operating both within and outside of the EU.
How can LawBite help?
We understand that GDPR compliance can seem overwhelming – with all those new rules and ongoing processes to comply with. Every business is unique so a one-size approach doesn’t work for everybody. Our GDPR lawyers will work with you speedily and affordably to understand what your business needs and agree on a pathway to compliance.
Our GDPR legal services include:
- Legal advice provided by our expert data protection lawyers on what GDPR means operationally for your organisation
- GDPR health check for your business showing you what changes you need to make and giving you an action plan
- Identifying whether you are a ‘Data Controller’ (who is in charge of deciding what data is to be collected, how it is to be collected, and the purposes for which it is to be used) or whether you are a ‘Data Processor’ (who analyses and processes the data on behalf of a Controller). Different obligations apply to each role.
- Helping you set up contracts between Data Processors and Data Controllers
- Reviewing and drafting employment contracts and providing HR advice related to GDPR
- Advice on handling Data Subject Access Requests
- Advice on dealing with a suspected data breach
- Advice on how to gain compliant consent from customers to collect and use their data
- Access to legal and business document templates to help you set up GDPR contracts
LawBite - Smarter Business Law
We believe that great legal advice is a fundamental business right. We are committed to providing your business with expert legal advice that is:
- Easier to access
- Clearer to understand
- More affordable
Many businesses find traditional law cumbersome; complex to navigate, difficult to navigate and often full of hidden charges. Therefore, it is no surprise that SMEs instinctively turn to LawBite to solve their business legal problems, giving us a 98% service rating on feefo.
LawBite online lawyers and online solicitors provide expert legal advice on all commercial and business matters. Book a no commit 15-minute call with our friendly lawyers today or learn more by joining LawBite for free.
Additional useful information