The Most Frequently Asked Questions Regarding Data Protection
Data protection law in the UK is mostly dealt with under the Data Protection Act 2018, and the latest version of the General Data Protection Regulations retained UK law following the UK’s exit from the European Union.
Knowing what is necessary for your business to do in order to ensure it is 100% compliant with Data Protection law can be daunting, and having a dedicated legal team such as our own can be vital.
Our team of experts are vastly experienced in all areas of Data Protection Law and are on-hand to provide their know-how and guidance on the entire process of making your business compliant.
Here you will find answers to the most frequently asked questions on Data Protection. If you have a question that you can’t see here, then feel free to get in touch with us.
Data Protection Frequently Asked Questions
The UK retained a version of the GDPR, or General Data Protection Regulations, when it left the EU and so all UK businesses will need to comply with that retained version of the GDPR (often called the UK GDPR). In addition, if you process the personal data of any EEA national, you will also need to also comply with the EU GDPR.
There are seven principles of the GDPR and they are lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (i.e. security) and accountability.
‘Soft opt-in’ is a concept derived from the Privacy and Electronic Communications Regulations. It is where a business sends marketing messages to a customer using data gathered from that customer when they bought or expressed interest in business’ products or services at an earlier date.
You can only use soft opt-in where you are offering goods or services to that customer which are similar to the goods or services previously bought by them or in which they previously expressed interest. Soft opt-in can only be used when you are selling something or negotiating to sell something and so soft opt-in cannot be used for campaigning or fundraising (for example, on behalf of a charity).