My business is registered for Data Protection already – what has changed?

The initial change is that you no longer have to register. If you capture, keep or process any personal data of data subjects who are in the European Union then you are subject to the GDPR.

There are a number of major new requirements in the GDPR, (see below), but for those companies which have good procedures to comply with the current DPA, the transition to the GDPR should be easier to manage.

The regulator has lots of new rights, including very hefty financial penalties and the right to stop or restrict you from processing any personal data. For example, the regulator can audit your personal data processes, which must be documented, requiring you to produce all those procedural records.

This FAQ is in these categories:

Share this page