GDPR comes into force on 25 May 2018

GDPR: How the data protection rules affect you

The 25 May 2018 is an important day for data protection as this is the day when GDPR comes into force. It means more protection for you as companies will have to change how they deal with your data.

If you’ve not heard of it, GDPR stands for the General Data Protection Regulation. It’s a replacement for the outdated Data Protections Act (1998).

But what actually is data protection and will you see any changes from 25 May 2018? We’ll give you an overview of what you need to know about GDPR.

What is GDPR?

GDPR is the new set of data protection rules for all companies working and handling data within the European Union. And it doesn’t matter that we’re leaving the EU after Brexit – GDPR still applies to the UK for now.

The reason why we need GDPR to replace the Data Protections Act is because in 1998, the world of data was very different. The internet was still fairly new and we didn’t have social media.

Since then, technology has progressed so quickly that the Data Protections Act just doesn’t offer enough protection to customers anymore.

When you think of the term ‘personal data’, you might think this doesn’t really apply to you. You might think it just sounds like a list of numbers and technical information. But in reality, your personal data is anything that can identify you. That includes your name, your address, your telephone number and your email address.

This isn’t information you’d necessarily want to be made public and GDPR will help keep it safe.

How does GDPR affect you?

GDPR means that companies will have to change how they handle your personal data. For some companies, this will mean a lot of changes to ensure they meet the standards.

You won’t see any difference with the majority of these changes – they’re mainly to do with internal company processes. But there are some changes you should be aware of as they give you more rights.

  • GDPR introduces the ‘right to be forgotten’. This means that if a company doesn’t need to hold your data anymore because you’re no longer a customer, you might be able to ask them to delete it.
  • Under the Data Protections Act, you could make a ‘subject access request’ where you ask to see all of your data a company holds. And under GDPR, this request is now free and should take no more than a month.
  • Children get more protection under GDPR. If you have a child aged under 13, they can’t consent to using online services themselves. You’ll have to consent on their behalf.
  • And you’ll get more rights in terms of consent too. Companies need to make sure they have the right permissions to contact you. What this will mean is that you’ll have more opt ins when you use online services. This ensures only companies you’re actually interested in can get in touch with you.

You can read more details about GDPR by heading over to the Information Commissioner’s Office (ICO) website.

share this article