Following on from the news of our success as Property Law Firm of the Year, we are also celebrating a silver award in the Law Firm of the Year...Find out more
The EU General Data Protection Regulation (GDPR) came into force on 25 May 2018. The regulations aims to harmonise data protection rules and enforcement across the EU. GDPR is designed to further protect the personal data of individuals, and imposes a stricter regime than under the present law.
Following Brexit, the GDPR is retained in domestic law as the UK GDPR, but the UK has the independence to keep the framework under review. The ‘UK GDPR’ sits alongside an amended version of the Data Protection Act 2018. Following the UK’s ‘Adequacy Decision’ in 2021 this means businesses and organisations in the UK must continue to follow the requirements set out the GDPR.
Though GDPR has now been in force for several years, many businesses still fail to comply with the rules, often facing tough penalties against them. Failure to comply with GDPR can result in businesses facing fines of up to 4% of global annual turnover, or €20m (whichever is greater).
Organisations need to be aware of their obligations under the GDPR and ensure that they are fully compliant, particularly in light of the higher penalties for infringements. Our experienced lawyers advise on a broad range of data protection issues and can assist your business in complying with the GDPR rules. Druces can advise on:
Druces can also support your organisation in the event of a data breach. The financial and reputational damage to a business following a breach can be severe, and Druces will work closely with you to formulate the best approach in dealing with affected individuals and the Information Commissioner’s Office.