The new General Data Protection Regulation (GDPR) is set to come into effect on 25th May 2018, at which time those organisations in non-compliance may face heavy fines.
What is the GDPR?
What information does the GDRP apply to?
The GDPR specifies that any personal data must be:
The controller is responsible for, and must be able to demonstrate compliance with the above principles.