Data Protection Law

Data Protection law is  changing. You may have already heard of the GDPR or General Data Protection Regulation which will take effect from the 25th of May 2018. The GDPR is a new piece of legislation from the European Union which will replace the current UK Data Protection Act or DPA (1998). Britain’s decision to leave the EU will not affect the implementation of this new law, which will apply to companies across the world that process personal data belonging to citizens from the EU. This means that not only will the GDPR  Data Protection law apply to businesses within with European Union, but also to everyone in the rest of the world who provide products or services in the EU.

Who will be affected?

The new law applies to any business handling the information of EU citizens although if you are currently affected by the DPA, you are likely to be subject to the GDPR. More specifically, the GDPR Data Protection law outlines ‘controllers’ and ‘processors’ of information. Under the regulation, controllers are those who make decisions as to how and why personal information is processed while the processor acts on their behalf. These definitions are similar to those under the Data Protection Act however, controllers and processors will have new obligations under GDPR Data Protection law 

Under the GDPR, processors will be responsible for maintaining records of personal data and will be liable for any breach in the way the information is handled. Controllers on the other hand, will have the added responsibility of ensuring that they comply with the GDPR when dealing with processors.


Consequences of non-compliance

Businesses across the UK and globally will be required to comply with the General Data Protection Regulation and the consequences of failing to do so could be severe. The European Data Protection Authority will be able to take action against businesses anywhere in the world who fail to comply with the legislation. Non-compliance could result in businesses receiving fines of up to €20 million Euros or the equivalent to 4% of their yearly global turnover. Failure to attain valid consent could also result in any personal data handling activities being shut down by the authorities.


How can I prepare my business?

Firstly, you should check that your current data protection procedures are up to date and comply with the current legislation. We can help you with this. Ensure that your business can demonstrate that it has effective procedures in place to prevent any breaches of personal data. It may also be necessary to provide training to employees on the updates to data protection laws and ensure that they understand the procedures in place within your business for handling data.

The ICO has made a twelve point plan businesses to follow in order to comply with the GDPR that you may find useful and which is available on their web site

If you need any help dealing with your Data Protection responsibilities please call Dominic Moss on 01606 872200




Facebook Posts

You could earn £250 just by referring a friend to Stonehewer Moss for a Personal Injury case - it's really that simple! ... See MoreSee Less

View on Facebook

Get In Touch

Contact our expert team of friendly Northwich lawyers

FREE advice

Refer A Friend

Know someone who is looking for a good injury lawyer? Get more than just a thank you for recommending us to your family or friends.

See Details

Latest News

Keep up to date with all the latest news and events from our friendly team.

Read More

Rate Stonehewermoss Solicitors

Stonehewer Moss Family Solicitors, Citadel House, Solvay Road, Northwich, Cheshire, CW8 4DP

Family and Corporate Solicitors Northwich covering Chester, Crewe, Knutsford, Macclesfield, Middlewich, Northwich, Runcorn, Sandbach, Warrington, Winsford, and across Cheshire.

Stonehewer Moss Solicitors is a trading style of the Stonehewer Moss Limited, Registered in England No. 542 6583
which is a firm of solicitors authorised and regulated by the the Solicitors Regulation Authority No. 471159