Back to GDPR Overview

GDPR Explained

GDPR (General Data Protection Regulation) is a framework, that defines how european businesses need to handle their clients personal data.

The amount of information online has massively increased since data protection acts were created in the 90s, therefore the old regulations are no longer suitable.

Not conforming to GDPR could lead to a €20M fine, or a fine at the value of 4% of your annual income. Below we've outlined the areas you need to consider for making your website GDPR Compliant.

Statements and the information provided across our website about GDPR is based on our interpretation of the legislation. It is not legal advice. For concrete legal advice, you may wish to talk to a solicitor.

Free GDPR Review

What is GDPR?

GDPR is Europe's new framework for data protection laws which will replace the 1995 data protection directive. It follows many of the principles of the current Data Protection Act.

Why has GDPR come in?

To protect personal information from being used by organisations against their wishes and without their knowledge. GDPR ensures businesses are held accountable for the safeguarding and storing of all client data they hold.

What constitutes 'Personal Data' under GDPR?

According to the ICO, personal data is any information related to a person, that can be used to directly or indirectly identify that person.

Details that count as personal data have been extended to include online identities, such as:

work email address
personal email address
phone numbers
online identities/usernames
cookies
IP address
health records
biometric data
genetic data.

GDPR - Post Brexit

Although the UK are planning to leave the European Union, as the GDPR legislation was agreed prior to Brexit, it will still come in to force in UK law.

Once the UK has left the single market the British courts will be able to change any laws previously set by the European Union, however until such a time the UK make changes, the GDPR's legislation will be enforced as UK law.