Data Protection legislation aims to protect and safeguard individual’s personal data.
The General Data Protection Regulation ((EU)2016/679) (GDPR) is a European Regulation which came into force in all EU member states on 25th May 2018. In the UK, the Data Protection Act 2018 (“DPA”) implements the GDPR into UK law. The DPA largely mirrors and expands upon the GDPR.
1. Data controllers and data processors
Your obligations under data protection legislation vary depending on whether you are a Data Controller or Data Processor.