In today’s digital age, the protection of personal data is of paramount importance. With the implementation of the UK General Data Protection Regulation (UK GDPR), businesses face increased responsibilities and obligations when it comes to handling and processing personal data. At Oracle Solicitors, we understand the complexities of data protection and UK GDPR compliance and offer expert legal services to help safeguard your business and ensure compliance with the latest regulations.
The Data Protection Act 2018 (DPA 2018), as applicable following the end of the Brexit implementation period, addresses a number of distinct data protection regimes in UK data protection law:
- general processing of personal data subject to the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR)
- processing of personal data by competent authorities for law enforcement purposes
- processing of personal data by intelligence services
UK GDPR contains parts of the EU version of the GDPR ((EU)2016/679)), the DPA 2018 and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2326).
The EU GDPR may apply to UK controllers or processors who have an establishment in the EU. Therefore, you could be subject to dual data protection regulatory regimes. It is therefore essential to obtain legal advice at an early stage to clarify your position and obtain advice from our specialists.
Fines
You could face a fine of up to 4% of global turnover of the preceding financial year or £17.5 million (whichever is the greater) for grievous breaches and up to 2 % of annual global turnover of the preceding financial year or £8.75 million (whichever is the greater) for other breaches.
There are various obligations for the controllers and processors which they must observe and obey by.
UK GDPR Definitions
A controller is an individual (including a company) who determines the purposes and means of processing personal data.
A processor is an individual who processes personal data on behalf of the controller.
Processing covers collecting, recording, storing, using and erasure or destruction of data.
How we can help
- Any registration processes
- Buying and selling databases
- Complaints made to the Information Commissioner’s Office (ICO)
- Conducting a data privacy impact assessment
- Contractual agreements and data protection clauses to protect your business
- Data breach issues, including reporting
- Data export issues with countries outside of Europe that do not provide “an adequate level of protection” under EU law, such as data transfer and international cloud computing
- Data protection assessments and audits
- Data retention and when records should be destroyed
- Drafting data protection policies and processes
- Your obligations under the current Data Protection Act 2018 and the GDPR
- Due diligence when appointing new business partners
- Electronic communications and marketing
- Formal enforcement action by the regulator (ICO)
- Staff training
- Subject access requests and the new subject rights under GDPR
- When you need to appoint a data protection officer and their duties of governance
- Your data processing and sharing agreements
- Your existing and potential websites and other digital user applications, including policies related to privacy, consent mechanisms, privacy dashboards, terms of use and cookies
- Your obligations over the handling of employee data, recruitment and monitoring practices
Whether malicious or inadvertent, internal or external, breaches of data security have the potential to cause extreme disruption to individuals and businesses. As the frequency, severity and public awareness of data incidents have grown, the risks of reputational damage, substantial regulatory penalties and litigation from aggrieved data subjects have increased significantly, pushing business concern over data protection ever higher up in the corporate agenda.
Oracle Solicitors advises businesses and individuals with regard to data security, data protection policies, ICO investigations and audits, UK GDPR compliance and the defence of criminal and administrative proceedings under the data protection legislation.
We can ensure that mistakes are put right, private information stays private and that compensation is received for financial damage and emotional distress.
Should you ever require assistance, our experts can offer you the advice and assistance you need in making the necessary applications throughout. Please call 020 3051 5060 or leave your message with your contact details and we will get back to you.
-
Aviation House, 125 Kingsway
London WC2B NH
United Kingdom
- (+44) 020-3051-5060
Book a call back