What is GDPR?
General Data Protection Regulation (GDPR) is an EU regulation that puts an umbrella over the data privacy laws in member countries. This idea brings all nations within the same regulation, preventing breaches in data. Therefore, it protects the privacy of citizens. This regulation impacts on how a company collects, stores and uses someone’s data.
How should companies act?
Companies are expected to ensure that personal data is processed lawfully, with fairness and with transparency. It should only be used for legitimate purposes. The data collected should be limited to what is necessary, and it is the company’s responsibility to keep this up-to-date. If the data is no longer needed and there is no legal basis to retain the data, then the company is expected to delete the data.
The Information Commissioner’s Office has defined personal data as relating to information that makes a person directly or indirectly identifiable.
When dealing with any financial organisations, it is essential to visit the privacy page on the website and be clear about your preferences. You should also be able to read the GDPR policy on an organisation’s website.
What about Brexit?
Initially, it was thought that Brexit would cause no change to the UK and its position within GDPR. Indeed, if the UK moves into the transition period and beyond, this is still the case. Equally, any UK company dealing with remaining EU countries will be expected to maintain GDPR for these citizens.
However, what is less clear is what happens with a no-deal. There is a possibility that the UK could be classed as a third country. This means that the transfer of data within the EU could fall under much stricter regulation. The assurance that your data is being dealt with lawfully becomes much more complicated – and companies will be expected to prove the adequacy of data storage mechanisms.
This will have little impact on individuals unless you hold the data of people in Europe. However, you may find you receive a host of data related emails, informing you of the adaptations a company is being asked to make to its data handling and process. Time will tell what other changes Brexit could bring to the way UK law will choose to deal with data.
The content in this article was correct on 25th February 2019. You should not rely on this article to make important financial decisions. Teachers Financial Planning does not offer advice of GDPR but follows regulations laid out in the use of your data. Please use the contact form below to arrange an informal chat with an advisor and see how we can help you.