The basics of GDPR

What is GDPR?

GDPR (General Data Protection Regulation) is a regulation created by the European Union (EU) to govern how businesses manage the personal data they control or process. It covers a wide range of areas, from data processing within the EU, the processing of personal data from citizens within the EU, and even the transfer of personal data to countries outside the EU.

Does GDPR affect me?

GDPR applies to all organisations are based in the EU, or that handle the personal data of EU citizens. If your organisations has offices within the EU, or holds personal data from the citizens of EU countries, then GDPR will apply to you. Additionally, if you offer services or products to EU citizens, it is likely that GDPR will apply to you.

You can use this free online tool to assess whether GDPR affects your organisation.

When does GDPR take effect?

GDPR applies from May 25th 2018. This means organisations holding personal data have until that date before they must comply with GDPR. However it is recommended that you start the compliance process well before then, since most companies will require significant changes in order to comply with GDPR

What I am required to do?

GDPR requires organisations to comply with a wide range of data subject rights and processor responsibilities. To help you understand these requirements, we have created an overview of GDPR requirements and responsibilities.