Whilst many large organisations are busy preparing for the GDPR coming to force on 25th May this year, there are many smaller organisations out there wondering if and how it applies to them. In the next two blog posts we answer some frequently asked questions for those involved in clubs and societies.I am secretary for a small members only club. Will the GDPR apply to us?Yes. The terms of the GDPR will apply to anyone processing personal data except for individuals processing personal data for personal or household activities.For this purpose personal data means any information relating to an identifiable person...

At the moment it might feel that GDPR (the EU General Data Protection Regulation) is popping up in every business conversation, every seminar and every newsletter or article. Any significant change in the law tends to breed a similar response, but GDPR in particular seems difficult to escape. This is partly because of the vast increase in fines that can be imposed under GDPR; and partly because data protection impinges on almost every aspect of your business.The immense scope of data protection means it can be very difficult to know where to begin, and all too easy to put off thinking...

As we approach the final six months before GDPR is finally with us, there is still time for businesses to get ready.  If you haven't given serious consideration to how GDPR will affect your business, now is the time to do so.The starting point for any business needs to be a personal data audit: assessing what personal data you have and what you use it for and then checking if that use, and the way the data was obtained, meets the higher compliance standards of GDPR.   In many cases the justifications currently relied on will not be enough, particularly in relation...

The General Data Protection Regulation (GDPR) is an EU regulation which will replace the UK Data Protection Act 1988. The aim of this Regulation is to guarantee the fundamental right to personal data protection across the EU.  The Regulation will likely have an impact on the ways that employers store and gain consent to retain information about employees.  In this blog, we shall provide a brief outline of the Regulation, and the main ways that it shall affect Employment Law and HR. BackgroundThe application of the Regulation extends to organisations which carry out processing outwith the EU but offer goods and services...

The GDPR came into force on 24 May 2016, with the intention of harmonising data protection rules across the 28 member states. Their further aim, following several high profile data breaches, was to both strengthen the rights of data subjects and make sure that organisations are taking their obligations of data protection seriously. Companies now have 2 years to ensure compliance with the new provisions.  But just what will such compliance involve, and how will this affect your business? A brief overview of some of the key changes is outlined below.ConsentConsent requirements are much more stringent than under the previous directive....