Data Protection Act and GDPR Policy

Data Protection Act and GDPR Policy for Technology Businesses
GDPR policy HERO

GDPR outlines European regulations that apply to the UK and that the UK has introduced by the Data Protection Act 2018. They have similarities, but cover different aspects of data protection.

What is Data Protection?

Data protection covers all processing, storing, organising, using, sharing and deleting of data on and offline. Securing data can mean enforcing a clear desk policy, shredding paper, locking drawers etc. and extends to wider use, such as where the data is stored, on which servers or cloud, and for how long. 

Why do you need a Data Protection Act and GDPR Policy?

The rise of the internet has led to an information boom, and personal information is constantly being transferred over the web. To protect a person’s fundamental right to privacy, governing bodies like have created laws and regulations in regards to data protection; imposing many legal duties, responsibilities and obligations on businesses. No where is this felt more than the IT industry.

As an employer, you need a policy in place to comply with the legislation. This should outline any penalties that may arise if people do the wrong thing and you need to prove that all your staff have received training and know the rules.

Do you suspect a breach? Don't dawdle. You must report a breach within 72 hours.

Speak to an expert

What is a Data Protection Act and GDPR Policy?

It is vital that businesses know their responsibilities in relation to data protection, as set out in legislation like the Data Protection Act and the General Data Protection Regulation (GDPR). One of our key tasks for our clients is to help review their contracts and operations to make sure they understand their obligations and remain compliant.

Speak to an expert

Table of contents

View the contents of a Data Protection Act and GDPR Policy

Key facts

Contact us for further information

 

Frequently Asked Questions

A: Both are law relating to the protection of personal data. The Data Protection Act 2018 (DPA) was enacted in the UK and created a framework for data protection. The General data Protection Regulation (GDPR) began life as a European Law, after the withdrawal agreement Parliament chose to retain the regulation and rebranded it the UK GDPR.

A: Broadly speaking, the DPA is the foundation, the base plate of UK data protection, how it is regulated by the Information Commissioner, and how the police force and intelligence agencies may use data. GDPR contains the principles, obligations and rights surrounding data protection. Together, the two compliment and supplement one and other.

A: Data Protection Laws can apply to many different businesses in different ways. Many companies nominate a Data Protection Officer who has the responsibility for compliance with the regulations. We at Law 365 offer our clients advice on their responsibilities and can help draft contracts and company policies that are up to date with Data Protection Law.

Ask our experts a question

Used by
  • Managed Services Providers
  • ISV, Software, Apps and IP
  • System Integrators Professional Services Consultancy Partners
  • Hosting Partners
  • Licensing Partners
Contact us

Kim Simmonds Founder and CEO

Get in touch with Law 365

Whether you have a question or are looking for legal help for your business we are here to help - our mission is to support your businesses growth with less risk

Book a free, no obligation call with our team.

Speak to an expert