The General Data Protection Regulation or GDPR is a European Regulation which harmonises data protection law across the EU.
In the UK, the Data Protection Act 2018 enacts the GDPR into UK law and it is these two pieces of law that are the focus in terms of building a compliant business framework.
However, there are other pieces of law which must be considered at appropriate times for example, the Privacy and Electronic Communications Regulation which has requirements relating to online marketing.
The legislation is easily accessible online:
GDPR – https://gdpr-info.eu/
Data Protection Act 2018 – https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted
Contact us at any time to discuss your requirements or to clarify what the law expects of your business.