GDPR
General Data Protection Regulation

The GDPR applies to all business who have data on UK or EU individuals.

The General Data Protection Regulation (GDPR) is an EU regulation. The European Parliament, the Council of the European Union, and the European Commission use this regulation to increase data protection for everyone in the EU.

Reading Time: 3 minutes

The aim of the GDPR is to enable individuals within the EU to control their personal data. In addition, the GDPR simplifies the regulatory environment for international businesses by making this an EU-wide regulation.

Coming into effect on 25th May 2018, this regulation is applicable to all businesses in the UK. Irrespective of Article 50 being triggered by the UK government and leaving the EU (as Brexit is a 2-year process), all businesses must comply with the GDPR before this date.

The GDPR regulation will replace the data protection directive from 1995, which regulates the processing of personal data within the European Union. Already a law, the GDPR will end its two-year transition period on 25th May 2018.

What businesses are affected by GDPR?

The GDPR applies to all business who have data on UK or EU individuals. This includes every company in Europe as well as every company that trades or processes personal data in the EU. The GDPR extends this to cover those who utilise personal data directly or indirectly with Europe.

Companies that fail to comply will face potential criminal convictions and damages in court cases. Additionally, depending on the infringement, companies can be fined up to:

1. €10 million or 2% of annual worldwide turnover of the preceding financial year, whichever is higher
2. €20 million or 4% of annual worldwide turnover of the preceding financial year, whichever is higher

From researching, studying and learning all about this new regulation, JVR Consultancy realise that all sectors must learn new disciplines. This includes lawyers, IT professionals, and management. In fact, all data flow processes need to be completely understood, defendable, self-disciplining and regulator- proof. This new regulation will affect every company in the UK/EU, not to mention every global company doing business in the European Economic Area.

The new EU reform regulation aims to:

  • Reinforce the fundamental rights of the individual – privacy by design and by default
  • Strengthen the EU internal market through new, clear, and robust rules for the free movement of data
  • Ensure consistent enforcement of these rules
  • Set global privacy standards
  • Safeguard a golden standard for privacy across all industries

Due to this, each company will need to make changes and understand the following:

1. Data breaches
2. Risk register
3. Privacy communication
4. Individuals’ rights
5. Consent of supplier & client
6. Subject access requests
7. Staff awareness
8. If relevant – data concerning children
9. Privacy by design and privacy impact assessments
10. Data protection officers
11. International – if your organisation operates in more than one EU member state

Some companies believe that this is an IT department issue. However, the GDPR is not just focused on IT. In fact, of the 98 Articles in GDPR, less than 5 deal with IT. GDPR is about fundamental rights, freedoms, fairness, and vital interests. On that note, do not allow your IT supplier or provider deal with GDPR as GDPR has very little to do with IT.

For a thorough insight into the impact the GDPR will have on your business, please contact our certified advisory team on 01628 56 52 56.

Our GDPR consultants cover the whole of the UK to provide an extensive free GDPR Gap Analysis to support your transition into becoming GDPR compliant.

Frequently Asked Questions from our Customers

Achieve Accreditation and Compliance with JVR

JVR Consultancy was formed in the year 2008. We noticed that there was a gap in the market, for companies who work in the construction, rail, utilities, oil and gas sector who were not fully supported in the way that they could be when it came to industry compliance and certification. That is why our highly experienced team of compliance consultants can serve these sectors by providing over 135 years of combined experience with all compliance needs. In short, you won’t find anyone else who cares as much, or who tries as hard as we do.

Speak with one of our experienced consultants. At JVR, we know that time is precious, and you want the answers to your questions quickly. Once we speak with you for the first time over the phone, we need around 10 minutes to fully evaluate which accreditation you need support with and a brief introduction into you and your company.

  • This field is for validation purposes and should be left unchanged.
GDPR - General Data Protection Regulation
  • Nationwide Presence

    26 national support locations throughout the UK. See Office Locations.

  • Fixed Fee Payments

    There are no hidden charges, and what you see is what you pay.

  • Free Gap Analysis

    Assess the difference between your business performance & your goals.

  • Audit Support

    Supporting businesses with upcoming compliance audits. FAST TRACK priority support also available.

  • Customer Service

    Our customer reviews are a testament to our work & the results we achieve.

  • Experience

    Vast experience in developing compliant integrated management systems

  • Thorough Process

    We write procedures, policies & associated documentation.

  • Bespoke

    Our services are tailored to meet individual company requirements.

Audit Support

Get FAST TRACK Audit Support with JVR Consultancy Today. Click here to find out more.

Gap Analysis Report - Request a Free Remote Assessment

Free Remote Gap Analysis

Book a Free Remote Gap Analysis during Covid-19 for your business. To learn more, why not read our What is Gap Analysis blog article and understand how a Gap report would benefit your company.

Related Articles

More reasons to choose JVR Consultancy for Compliance & Risk Management

Menu