Courses
GDPR

GDPR

As a leading provider of Business Compliance eLearning, our experts are often asked about the GDPR. We’ve collected all of those questions and answered them for you below…

Browse sections

Frequently asked questions
Documents & other resources

Frequently asked questions

When did the GDPR come into effect?
What is personal data?
Who does the GDPR apply to?
What are the possible penalties/fines of GDPR?
Does my workplace need a data protection officer (DPO)?
What happened to the GDPR after Brexit?
The GDPR began as an EU regulation, which means that it’s enforced by the EU and applies only to member countries. So, once the UK left the EU, the GDPR will no longer apply to the data of UK citizens. However:
1. UK organisations still need to comply with the EU Regulation if they ever handle the data of EU citizens. The Government has brought into law the Data Protection Act 2018 which is an almost carbon copy of the GDPR, so being GDPR compliant means you’re also Data Protection Act Compliant.
2. The EU Regulation, via the Data Protection, Privacy and Electronic Communication Regulations has been brought into UK law, amended to remove any mention of the EU and now stands as the UK GDPR.
Organisations which process both EU and UK citizen data will need to handle both sets of data according to the Regulation which applies to them (i.e. EU GDPR for EU citizens and UK GDPR for UK citizens).
Am I exempt from the GDPR if I have fewer than 250 employees at my company?

No matter the size of your company; how many employees you have, customers you serve, or what your annual turnover is, the GDPR applies to you. That magic 250 employee threshold is only mentioned once in the regulation and that’s in relation to record keeping. The GDPR requires that you keep detailed records of all processing activities – including records of consent, decision making, privacy notices etc. – but with fewer than 250 employees, you don’t need to. However, the rest of the GDPR still applies in full.

Documents & other resources

White Papers/Guides

An Overview of the GDPR

The GDPR was enforced on the 25th of May 2018 and was introduced to unify and strengthen data protection for everyone.

Forms/Checklists

GDPR Checklist

Review the risks to data your organisation faces and assess whether the measures you have in place are up to the task of preventing them.

Instant download

White Papers/Guides

The Six Lawful Bases for Processing Data

Find out more about the Six Lawful Bases for processing personal data.

Instant download

Forms/Checklists

GDPR Accountability checklist

Accountability is arguably the most important principle of the GDPR. Accountability is all about demonstrating that you’re complying with the GDPR.

Instant download

Posters

Day to Day good practice for GDPR

If your job involves handling personal information then you have a responsibility to ensure that this data is kept private and confidential.

Instant download

Forms/Checklists

Data Protection Principles

Everyone who uses personal data must follow strict rules and you’ll learn about these as the principles of data protection.

Instant download

Forms/Checklists

Rights over your personal data

The GDPR covers personal data about an identifiable, living person. It can be anything from a name, a photo, an email address, a person’s bank details, posts on social media, medical information, etc.

Instant download

An Overview of the GDPR

GDPR Checklist

The Six Lawful Bases for Processing Data

GDPR Accountability checklist

Day to Day good practice for GDPR

Data Protection Principles

Rights over your personal data

UK GDPR Essentials Training

UK GDPR Advanced Training

Data Protection Officers

Product

Support

Company

Blogs, news & updates

GDPR

Browse sections

Frequently asked questions

Documents & other resources

Related videos

UK GDPR Essentials Training

UK GDPR Advanced Training

Data Protection Officers

Related courses