What is GDPR and why is it important?
Data protection is the fair and proper use of information about people. It’s part of the fundamental right to privacy – but on a more practical level, it’s really about building trust between people and organisations. It’s about treating people fairly and openly, recognising their right to have control over their own identity and their interactions with others, and striking a balance with the wider interests of society.
The UK data protection regime is set out in the DPA 2018, which can be found on the Gov.uk website, along with the GDPR which also forms part of UK law. It takes a flexible, risk-based approach which puts the onus on you to think about and justify how and why you use data.
The Information Commissioner’s Office regulates data protection in the UK. They offer advice and guidance, promote good practice, carry out audits, consider complaints, monitor compliance and take enforcement action where appropriate. Find out more information about their services on the Information Commissioner’s Office website.