Home / Insight / GDPR

GDPR

Go to International

Welcome to GDPR Insights, the place to find out more about the hot topics and news related to GDPR.

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. The objectives and principles of the previous data protection regime were still regarded (including by the Commission) as sound and so the GDPR retains many of the current concepts, definitions and principles. However, for a number of years the data protection regime has been criticised for being inconsistent and out of date.

A new principle of accountability sitting with businesses, enhanced data subject rights and increased requirements on both data controllers and for the first time directly on data processors all combine to mean that developing a compliance culture is now a necessity rather than a ‘nice to have’. Breaches of the new rules could lead to increased fines and will have a highly detrimental impact on an organisation’s reputation. The maximum fine for non-compliance could be up to 4% of total worldwide turnover (for the preceding year) or €20 million, whichever is the greater.

GDPR applies across Europe, making a consistent approach easier than it has been historically. GDPR compliance does need to be an overwhelming task with the correct support. Our Data Protection team is always on hand to provide commercially focused advice on understanding and addressing the GDPR obligations relevant to your organisation.

We hope this section provides you with some interesting and useful insights into GDPR. If you are looking for more information or help from our CMS Data Protection Team please contact us.

Data Pro­tec­tion
The Data Pri­vacy Game Changer
Data Law Nav­ig­at­or
United King­dom

Feed

05/03/2021
Data pro­tec­tion and cy­ber­se­cur­ity laws in the United King­dom
Data pro­tec­tion 1. Loc­al data pro­tec­tion laws and scope The Data Pro­tec­tion Act 2018 (“DPA”) cov­ers gen­er­al pro­cessing of per­son­al data in the UK.The DPA sup­ple­men­ted the EU Gen­er­al Data Pro­tec­tion...
Comparable
24/04/2018
Cy­ber­se­cur­ity and GDPR: where are we head­ing?
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...
17/04/2018
The e-pri­vacy Reg­u­la­tion: cur­rent state of play and what to ex­pect
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...
10/04/2018
Law­ful­ness of pro­cessing, con­sent and le­git­im­ate in­terest
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...
27/03/2018
Data pro­cessing: up­dat­ing and es­tab­lish­ing your agree­ments
With GDPR tak­ing ef­fect across the European Uni­on in May 2018, pri­vacy com­pli­ance has ris­en up the agenda for all busi­nesses hand­ling per­son­al data. Our free weekly we­binars in this series will take a...
14/03/2018
Data pro­tec­tion un­der the draft Brexit with­draw­al agree­ment
The European Com­mis­sion pub­lished the first draft of the pro­posed Brexit with­draw­al agree­ment on 28 Feb­ru­ary 2018. It in­cludes pro­vi­sions in re­la­tion to the pro­cessing of per­son­al data dur­ing a ‘trans­ition...
13/02/2018
GDPR: ma­jor im­pact on hotel in­dustry
In a de­vel­op­ment that is ex­pec­ted to re­ver­ber­ate across the hotel in­dustry of the Neth­er­lands and EU, the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is sched­uled to come in­to force on 25 May 2018. The...
29/01/2018
GDPR in hos­pit­al­ity
The Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), which ap­plies from 25 May 2018, will bring about a step change in risk for or­gan­isa­tions in the Hotel & Leis­ure sec­tor.The GDPR will have a ma­jor im­pact...
21/12/2017
GDPR: Data sub­ject rights
Data sub­jects have al­ways had the right to make sub­ject ac­cess re­quests, which we dis­cussed in a pre­vi­ous GDPR Bites­ize, click here to read. When the GDPR comes in­to force, data sub­jects will have ad­di­tion­al...
11/12/2017
Ef­fect­ive en­force­ment and pain­ful pen­al­ties: are you up to speed with the...
By now most of us are aware that the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) is com­ing in­to force in May 2018, and this will in­volve a range of new du­ties and ob­lig­a­tions on em­ploy­ers. Among the changes...
30/11/2017
ICO's Guide to the GDPR
Pri­or to the in­tro­duc­tion of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (Reg­u­la­tion (EU) 2016/679) (“GDPR”) on 25 May 2018, the UK In­form­a­tion Com­mis­sion­er’s Of­fice (“ICO”) has pub­lished a Guide...
27/11/2017
Time to up­date your sub­ject ac­cess pro­ced­ures
The data sub­ject ac­cess re­quest (“DSAR”) has al­ways been a cent­ral pil­lar to data pro­tec­tion le­gis­la­tion, provid­ing in­di­vidu­als with a means of check­ing wheth­er their data is be­ing pro­cessed law­fully...