The General Data Protection Regulation (GDPR)

The GDPR affects all businesses and was enacted on 25 May 2018. It has introduced substantial changes to data protection law, and businesses should ensure they have taken the necessary steps to comply with the new rules.

General Data Protection Regulation

The EU General Data Protection Regulation (GDPR) represents one of the most challenging and evolving areas of law facing businesses today. The risks associated with non-compliance with data protection law post-25 May 2018 will change dramatically. Our Data Privacy specialists are uniquely placed to guide you through your GDPR journey. We provide advice on GDPR preparedness, including the new transparency and information requirements, the expanded rights of data subjects, one-stop shop regulation, international transfers, risk analysis DPIAs, mandatory breach notifications, the new data controller/processor dynamic, increased consent requirements and the penalties under the GDPR.

Latest Thinking

Data Protection Commission Annual Report 2020

Mar 2021

The Data Protection Commission has published its Annual Report for 2020.

EU Commission publishes draft UK adequacy decisions

Feb 2021

The EU Commission looks set to adopt two adequacy decisions in favour of the UK, which will allow businesses to continue to freely transfer personal data from the EU/EEA to the UK.

Member States agree on Council’s text for ePrivacy Regulation

Feb 2021

EU Member States have reached an agreement on the negotiating mandate for the draft ePrivacy Regulation (ePR). The ePR will repeal and replace the ePrivacy Directive (ePD) and all member state laws that implement it.

View all