The GDPR extends the data rights of individuals (data subjects), and places a range of new obligations on organisations that process EU residents’ personal data.
The DPA 2018 (Data Protection Act 2018) supplements the GDPR by filling in the sections of the Regulation that were left to individual member states to interpret and implement.
The GDPR will be enacted in UK law after Brexit under section 3 of the European Union (Withdrawal) Act 2018.
If your organisation is not fully compliant with the law yet, you should prioritise addressing those areas where a lack of action leaves you exposed. Where an infringement occurs, demonstrating you have made a start should help reduce potential GDPR fines and penalties.
Whatever stage of your compliance journey you are at, Apponotec can help you. Speak to one of our consultants today to find out how your organisation can become GDPR compliant.