The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government. Everyone responsible for using data has to follow strict rules called ‘data protection principles’.
The Data Protection Act 2018 sets out the framework for data protection law in the UK It updates and replaces the Data Protection Act 1998, and came into effect on 25 May 2018 ...
The General Data Protection Regulation (GDPR) is an EU regulation designed to simplify, unify and update the protection of personal data,
Following BREXIT GDPR has been incorporated into UK data protection law as the UK GDPR siiting alongside the DPA 2018 with some technical amendments so that it works in a UK-only context
It grants individuals rights regarding:Giving consent for data use:
- Access to your personal data
- Rectification – correcting errors
- Erasure – deletion of records
- Processing restrictions
- Data portability consent – swapping your data between companies
- Ability to object
- Automated decision making and profiling implications.
GDPR gives you more control over your personal information including the right to ask companies questions about the data they hold on you which, unless requested repeatedly, they must provide freely.
Companies must comply with GDPR meaning they have to ensure your data is safe and only use it with your express positive permission otherwise they risk very high fines.
The Information Commissioners Office (ICO) is responsible for enforcing The Data Protection Act and GDPR in the UK and they decide exactly what corrective measures should be imposed on an organisation for an infringement or potential infringement of GDPR.
Full details of Data Protection and GDPR can be found at the following links:
If you found this useful please share it