The following Financial Services guidance note provides comprehensive and up to date legal information covering:
The General Data Protection Regulation (the GDPR) (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC), was published in the Official Journal of the EU on 4 May 2016. Its provisions became directly applicable and fully enforceable in all EU Member States, including the UK, on 25 May 2018.
The GDPR replaces Directive 95/46/EC, the Data Protection Directive, which was incorporated into UK law via the Data Protection Act 1998 (DPA 1998) (now repealed). The GDPR has introduced substantial amendments to data protection law in the UK, including the repeal of DPA 1998. For background reading on the GDPR, see Practice Notes: The General Data Protection Regulation (GDPR) and EU data protection reform—timeline [Archived].
For a comprehensive introduction to the GDPR, collating key practical guidance, see: GDPR toolkit.
Specific implementing legislation was not required to transpose the GDPR into domestic law, although the GDPR contains provisions allowing EU Member States to introduce further domestic provisions in a number of areas. In the UK, the government introduced the Data Protection Bill 2017, to repeal DPA 1998
**excludes LexisPSL Practice Compliance, Practice Management and Risk and Compliance. To discuss trialling these LexisPSL services please email customer service via our online form. Free trials are only available to individuals based in the UK. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
To view the latest version of this document and thousands of others like it, sign-in to LexisPSL or register for a free trial.
Existing user? Sign-in
Take a free trial
Take a free trial
0330 161 1234