GDPR FAQs | Frequently Asked Questions | IT Governance UK

Account

United Kingdom

Select regional store:

£ GBP

ProtectComplyThrive

Please enter more than 3 characters

+44 (0)333 800 7000

Prepare for the storms and navigate to cyber safety with IT Governance. Find out more

Speak to a GDPR expert

If your question has not been answered, get in touch using one of the methods below to speak with one of our GDPR experts.

This page answers frequently asked questions about the GDPR (General Data Protection Regulation).

Questions are grouped by topic – simply use the links below to find the answers you need.

If you have a general question that isn’t answered here, let us know and we’ll do our best to update this page.

Alternatively, if you have a more complex query, why not talk to one of our consultants using our GDPR Ask Us service?

General

What is the GDPR?
What is the difference between EU regulations and directives?
Where can I find the full text of the GDPR?
When did the GDPR take effect?
How does the GDPR relate to the DPA (Data Protection Act) 2018
How will Brexit affect the GDPR?

Accountability

Do I need a lot of documents to comply with the GDPR?
How do you write a GDPR privacy notice?
How do you write a GDPR data subject access request procedure?
How do you write a GDPR-compliant data protection policy?
How do you write a GDPR personal data breach notification procedure?
How do you comply with Article 30 of the GDPR?

Breaches

How do you report a personal data breach?
What are the penalties for not complying with the GDPR?
What happens if I have missed the GDPR enforcement deadline?

Compliance

What are the GDPR’s rules on security?
What are the GDPR’s data processing principles?
What lawful bases for processing should we use, and do we always need consent?
What rights do individuals (data subjects) have under the GDPR?
Does my organisation need to register under the GDPR?
How can ISO 27001 help me comply with the GDPR?
Why are risk assessments essential for GDPR compliance and how do you perform them?

Data protection officer

Which organisations must appoint a DPO (data protection officer) under the GDPR?
Can organisations share a DPO (data protection officer)?

Scope

What sort of data processing does the GDPR apply to?
How does the GDPR define personal data?
How does the GDPR affect businesses outside the EU?
What is a data breach under the GDPR?
What is the difference between personal data and sensitive data under the GDPR?
What is the difference between a data processor and a data controller under the GDPR?

Speak to a GDPR expert

This website uses cookies. View our cookie policy