Great team with deep knowledge and experience of this legal area.
We are pleased to offer our data protection compliance service, a packaged, end-to-end legal service, designed to enable businesses to achieve UK GDPR compliance.
Since Brexit, businesses and other organisations that collect and use personal data in the UK need to comply with the UK General Data Protection Regulation (UK GDPR), plus the Data Protection Act 2018.
The UK GDPR broadly mirrors the EU GDPR and sets out what organisations must do when collecting, storing, and using personal data. It applies not only to organisations based in the UK but also to organisations in other countries if they offer goods or services to individuals located in the UK or monitor UK residents’ behaviour. In addition, if such organisations do not have a business presence in the UK, they will need to appoint a representative here to deal with any queries relating to data breaches or subject access requests.
The EU GDPR continues to apply to UK (and other) organisations that have an establishment in the EU, offer goods or services to individuals located in the EU or monitor EU residents’ behaviour. Such organisations need to comply with both the UK GDPR and the EU GDPR. If they do not have a business presence in the EU, they will need to appoint a representative in the EU to deal with any queries from individuals there.
Like the EU GDPR, the requirements of the UK GDPR are far-reaching. There is an emphasis on transparency and security when processing personal data, as well as individuals’ rights and mandatory notification requirements for certain data breaches. The obligation to be accountable requires organisations to put in place comprehensive policies and practices, as well as having organised record keeping. Key obligations such as ‘the right to be forgotten’ and ‘privacy by design’ impact upon how businesses interact with their customers.
Non-compliance presents not only reputational but also financial risk. Breaches are punishable by very significant fines of up to £17.5 million or 4% of global annual turnover, whichever is higher.
Our data protection compliance service is delivered in two key phases and has been developed by us in response to demand from clients who need a fast and cost-effective solution to data protection compliance.
Phase one: discovery
Phase two: remediation