GDPR: The Myths Busted

Here are the comments we've heard about GDPR and the reasons they're just myths.

The UK will not enforce GDPR following Brexit

Unlikely, as the UK was a key contributor to creating the new legislation and will likely map GDPR into post-Brexit law and replace the UK Data Protection Act.

I am a small business therefore GDPR does not apply to me

Whilst there are some concessions to micro and small businesses, particularly in relation to record keeping, the GDPR applies to all organisations ‘engaged in economic activities’ involving the processing of personal data.

There will be no financial penalties for breaching GDPR legislation

Organisations that are deemed ‘non-compliant’ can be fined up to 4% of annual global turnover or €20 million, whichever is greater. These are maximum fines for the most serious infringements, and fines will be tiered based on severity.

My data is encrypted so I don’t need to worry about fines

Fines can also be levied for an infringement of the data controller or data processor obligations, not just security breaches.