Big fat disclaimer: This is not legal advice. I am not a legal professional. Mr J-M qualified to practise back in the day but I hardly think that qualifies me to be anyone’s sole source of advice pertaining to the The Law does it. (No!!) So, whilst I’ve done some decent research here and think I’ve covered the salient points, bear in mind that you are still responsible for how you handle data and should prepare yourself accordingly. Also, data is a plural and you can fight me.
Folks, you’ve heard of the Data Protection Act 1998, yes? Chances are that a lot of you have bumped into this legislation in the workplace as companies try their best to ensure that data are handled safely and lawfully and no-one on the payroll leaves a laptop full of sensitive information in a skip anywhere. The GDPR (General Data Protection Regulation) is regulation enacted by the EU that will finally come into effect on 25 May 2018. It will replace the Data Protection Act 1998. LIKE TOTALLY. It has a much broader scope, gives greater rights to individuals, has tougher punishments for non-compliance, and is basically a whole lot better and more fit for purpose. #Remain, y’all. I ❤ the EU.