
WHY GDPR MATTERS

GDPR – Giving Data Proper Respect

The instant a GDPR rule is not followed (for example when a Privacy Notice is not given or is defective, not in the right format or not given at the right point in the flow) an individual is automatically eligible to claim for financial compensation.

Larger organisations, such as Google, are being sued for significant sums because they failed to provide the right Privacy Notice with the right words at the right point in time. And it’s not just Google. It’s Amazon, Facebook, Klarna, WhatsApp and others too. How is your Privacy Notice?

The same rules apply to all businesses. If they fail to follow the GDPR rules they have exposed themselves to claims from every customer. All the customer needs to do is bring a claim against that business.

What is the data legislation in the UK

GDPR

The UK General Data Protection Regulation (UK GDPR) is a law that governs how personal data is handled in the UK. It came into effect on January 1, 2021.  The UK GDPR is based on the EU GDPR, but was modified after Brexit to better suit the UK.  

The UK GDPR protects the personal data of individuals, not legal entities.

Data Protection Act 2018

The Data Protection Act 2018 (2018 DPA) controls how personal information is used by organisations, including the government. It is the UK's implementation of GDPR.

All organisations responsible for using personal data have to follow strict rules called ‘data protection principles’. 

 The 2018 DPA also introduced stronger legal protection for more sensitive information, now known as Special Category Data.

PECR Regulations

 The Privacy and Electronic Communications Regulations (PECR) give people specific privacy rights in relation to electronic communications.  PECR regulates marketing calls, emails, texts and faxes; website cookies; keeping communications services secure; and customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

Consequences for breaking GDPR

 The maximum fine for a GDPR infringement in the UK is £17.5 million or 4% of the organization's annual global turnover, whichever is higher. 

What data is protected

Personal data protected by GDPR includes names, ID numbers, phone numbers, financial data, online identifiers like IP addresses, and information collected by tracking cookies.

Special Category Data

Special category data includes race, ethnic background, political opinions, religious beliefs, trade union membership, genetics, biometrics (where used for identification), health and sex life or orientation.

There are also separate safeguards for personal data relating to criminal convictions and offences.

Data Risk Exposure

 Getting the data legislation rules wrong when applying them to the personal data you collect exposes the business to compensation claims from individuals, fines from the ICO, security breaches that impact the business and a reduction in business value. 


A provision can be put in place to provide funds to cover the compensation claims businesses have unwillingly exposed themselves to by non-compliance.


Copyright © 2024 CTR Limited - All Rights Reserved. 

Company Number 12851542
