The EU General Data Protection Regulation

08 June 2016 Download PDF

The EU data protection landscape, having remained largely unchanged since 1995, is now on the brink of a radical transformation. After extensive negotiations, the GDPR was formally adopted on 4 May 2016 and is set to replace most EU data protection legislation, including the DPA in the UK.

 

Unlike the current Directive, the GDPR will be directly applicable in all EU Member States without the need for national legislation. It will apply from 25 May 2018.

The GDPR brings new concepts into the regulatory spotlight, including profiling and the right to be forgotten. It imposes extensive new obligations on businesses and transforms the role of the Data Processor. Rights for individuals are significantly strengthened and fines in respect of breaches are increased exponentially from £500,000 under the DPA, up to €20,000,000 or 4% of annual worldwide turnover under the GDPR.

This Brochure aims to explain the main differences between the Directive/DPA and the GDPR. We have used weather themed icons for categorising the changes, so that at a glance, you can see how this may affect your business.

Please see our Glossary on page 21 for an explanation of the defined terms and abbreviations that we have used in this Brochure.

If you would like more information on the GDPR or the DPA, please contact Ian Stevens, Emma Burnett, John Armstrong or Loretta Pugh.

 

Show more Show less

Back to top

Agency Database

Future Dates

* Estimated date

  • 1 October 2018

    Application date of the Insurance Distribution Directive.

  • 22 October 2018

    ESMA is due to provide advice to the European Parliament, the Council of the EU and the European Commission on the termination of the existence of national private placement regimes set out in Articles 36 and 42 in parallel with the existence of the passport in accordance with the rules set out in Article 35 and Articles 37 to 41 of the AIFMD.

  • 22 October 2018

    ESMA is due to provide a second opinion to the European Parliament, the Council of the EU and the European Commission on the functioning of the passport for EU AIFMs marketing non-EU AIFs in the EU under Article 35 of the AIFMD, and for non-EU AIFMs managing or marketing AIFs in the EU under Articles 37-41, and on the functioning of the marketing of non-EU AIFMs in member states and the management and marketing of AIFs by non-EU AIFMs in member states using national private placement regimes under Articles 36 and 42 of the AIFMD.