GDPR stands for the General Data Protection Regulations, which are a set of data protection regulations that were made EU law in 2016. These regulations outline a number of data protection principles, and define the data privacy rights that all organisations are required to uphold.
Before Brexit, these data privacy laws were enforced in the UK by the Data Protection Act 2018. After leaving the EU, the GDPR was adopted into UK law with a few small amendments. This is often called the ‘UK GDPR’.
These laws are very similar, which means that compliance with one should ensure (but does not guarantee) compliance with the other.
The GDPR is an important piece of legislation that helps to protect personal data and enforce good information security practices. Breaching the General Data Protection Regulation can lead to hefty fines of up to £17.5 million or 4% of a business’ annual turnover, whichever is greater.
In the UK, the Information Commissioner’s Office (ICO) enforces the UK GDPR and, in the European Union, this responsibility falls on the local supervisory authority for each country.
Any organisation that handles the personal data of a UK or EU citizen or resident must comply with the requirements of the UK or EU GDPR respectively. This applies to organisations anywhere in the world.
If your website is aimed at the EU market then it needs to be EU GDPR compliant, and if your website targets the UK market then it needs to be UK GDPR compliant. If you are unsure about which legislation you need to follow, you should seek legal advice before processing any personal data.
There are 7 principles of the GDPR that organisations have to follow in order to comply with the GDPR. The principles are:
Find out more about the 7 GDPR principles in our online GDPR Awareness or Advanced GDPR Awareness courses.
There are eight data privacy rights under the General Data Protection Regulation that organisations are required to provide. These 8 data privacy rights are designed to give people more control over their personal data.
A data breach occurs when personal data is used in a way that it shouldn’t be. It can happen even with the strictest data security in place. A personal data breach can take a number of forms, including:
The supervisory authority, which is the Information Commissioner's Office in the UK, must be notified when certain data breaches have occurred.
As previously mentioned, the GDPR was adopted into UK law after Brexit, and has continued to apply since the UK left the European Union. For more information, visit our dedicated article here.
We've suggested {{courseCount(suggestedCourseCount, 'popular')}} for you.
You can deselect them below if you'd prefer something else
(although the product you are upgrading from must remain)
.
Please select {{courseCount(model.CourseCount)}} to create your bundle.
Please select {{courseCount(model.CourseCount - vm.selectedCount(), 'more')}} to create your bundle ({{vm.selectedCount()}} currently selected).
{{vm.selectedCount()}} courses currently selected.
Please deselect {{courseCount(vm.selectedCount() - model.CourseCount)}} to create your bundle ({{vm.selectedCount()}} currently selected).
