THE EU GENERAL DATA PROTECTION REGULATION (GDPR)
1. Any business that handles personal data will have to follow new data protection rules and regulations from 25 May 2018. The General Data Protection (GDPR) apply from 25 May 2018 supersedes the UK Data Protection Act 1998 (DPA). GDPR expands the rights of individuals to control how their personal data is collected and processed and, places a range of new obligations on organisations to be more accountable for data protection.
2. UK organisations handling personal data will still need to comply with the GDPR, regardless of Brexit. The GDPR will come into force before the UK leaves the EU, and the government has confirmed that the Regulation will apply a position that has been stated by the Information Commissioner’s Office (ICO).