Any business or organisation which holds or uses personal data, which means virtually every business, is subject to data protection legislation, like the GDPR. The main pieces of legislation are the ...

The General Data Protection Regulation (GDPR) implemented in May 2018 stands as a landmark regulatory framework aimed at protecting personal data and privacy for individuals within the European Union ...

Parts of the UK GDPR have been changed and replaced by the Data (Use and Access) Act 2025. Find out what this means for your legal practice and what you need to do to stay compliant.

Under one in three organisations are fully compliant with the General Data Protection Regulation, despite the privacy legislation coming into force across Europe almost a year and a half ago.

The road to the European Union’s General Data Protection Regulation has been a game of catch-up with legislation responding to shifts in the technological landscape. Sweden was the first country in ...

For some time now, consumers and internet users across the globe have willingly relinquished large amounts of personal information to businesses, and as a consequence, we have seen companies with data ...

The authors do not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and have disclosed no relevant affiliations beyond their ...

At present all employers have to comply with the Data Protection Act 1998 (DPA) when conducting employee surveillance, as they will be gathering and using personal data about living, identifiable ...

If you do business with EU citizens, you must comply with General Data Protection Regulations (GDPR), including the mandate in Article 27 requiring many non-EU companies to appoint a data protection ...

Combined, both laws represent an evolution of data protection law in the way that they give individuals greater control over their personal data and require organisations to demonstrate greater ...