GDPR Implementation and On-Going Maintenance

On 25th May 2018, the General Data Protection Regulation (“GDPR”) came into effect for all firms operating within Europe as well as firms outside of Europe which have data come in from, go through or end up in the EU. As part of this regulation, individuals will be afforded enhanced rights regarding their data. This includes:

Data minimisation – Ensuring firms acquire, keep and use only data that they need to operate. This also includes securing informed consent for the use of personal data.
The right to be forgotten – Under GDPR, individuals have extended control over their data. They can request to know what data firms hold on them and can ask for said data to be deleted.
HR and employee records – Unless a firm has a good reason to retain ex-employees’ data, it should be deleted.
Data safeguarding – Ensuring firms have adequate protection policies in place.

GDPR is wide reaching and affects firms and their procedures to a degree not seen in 20 years.

INSIGHTS & EXPERTISE

NEWS & EVENTS

Webinar: Beyond Compliance: What the 2025 Consumer Duty Report Tells Us

Webinar: Unlocking the Power of ViCA, Your AI-Powered Virtual Compliance Assistant

Online Training Course: Your MLRO Training Day

Webinar: Navigating the IFPR Impact: Good and Poor Practices Observed

In-Person Training Course: Your MLRO Training Day

In-Person Training Course: Your MLRO Training Day

Subscribe for Exclusive Regulatory News and Updates

Member of:

Accredited by:

Member of:

Accredited by:

Global Offices

Complyport (UK)

Complyport (UAE)

Complyport (EU)

Connect With Us