GDPR Compliance

Why it is vital to safeguard data

The General Data Protection Regulation is a European directive designed to improve and unify the way that organisations operating across the EU collect, handle, process and store personal data.

Having become enforceable on 25th May 2018, the GDPR has superseded the Data Protection Act 1998 in the UK to expand the requirements of storing personal data, improve information governance and impose more stringent sanctions on organisations that suffer a data security breach. Non-compliance can lead to large fines and damage to reputation.

Contact us to discover how Viewdeck’s GDPR services can help your organisation to achieve compliance.



Book a free 15 minute call with a GDPR expert

5 + 5 =

Introduction to GDPR

The General Data Protection Regulation (GDPR) is a new European privacy regulation which became enforceable in Law on May 25, 2018. It replaces the EU Data Protection Directive, also known as Directive 95/46/EC, it is intended to harmonize data protection laws throughout the European Union (EU).

Who does it apply to?

It applies to all Organisations with the purposes and means of processing personal data, including those established in the EU and others, whether or not established in the EU, that process the personal data of EU data subjects

Who governs GDPR?

GDPR is governed by The European Data Protection Board (EDPB). The EDPB includes representatives of the data protection authorities from each EU member state, and the Information Commissioners Office (ICO) is the UK’s representative. The ICO has been directly involved in drafting many of these:

  • The ICO is responsible for enforcing the GDPR in the UK. It has the power to conduct criminal investigations and issue fines. If an organisation doesn’t process an individual’s data in the correct way.
  • If a company requires and doesn’t have a data protection officer, it can be fined.

If there’s found to be a security breach within a company, it can be fined.

In the UK, these monetary penalties will be decided upon by ICO and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm’s global turnover (whichever is greater).

Those with more serious consequences can have fines of up to €20 million or four per cent of a firm’s global turnover (whichever is greater). These are larger than the £500,000 penalty the ICO could previously issue.