Adley Gray Logo
YOUR PROBLEM OUR CHALLENGE

GDPR Compliance & Data Protection Solicitors

Keeping on top of GDPR compliance and data protection is vital for every business.

Failure to comply with GDPR (General Data Protection Regulation) can have serious consequences for your business, resulting in a significant fine or even a ban on all data processing.

GDPR compliance and data protection should be managed at the highest level in a business. Depending on the severity, a GDPR breach could even result in criminal sanctions.

Understanding the situation

If you are being accused of an offence related to GDPR compliance and data protection, employing a GDPR compliance and data protection specialist, who is up to date with all of the latest developments in this area, is vital. Otherwise, you could be putting your business in danger.

Consequences

GDPR compliance and data protection is vital for every business which processes personal data because non-compliance could result in your business operations being restricted, or even your company being closed down.

What is GDPR?

GDPR (General Data Protection Regulation) is an EU law to protect data belonging to EU citizens and residents. It came into force in the UK in May 2018. Any business which processes personal data is likely to be affected by the GDPR.

In the UK, the Data Protection Act 2018 (which replaced the Data Protection Act 1998) sets out the data protection regime, together with the UK GDPR. The UK GDPR is based on the EU GDPR.

There are four different regimes in the Data Protection Act 2018. Part 2 details a general processing regime (the UK GDPR). The purpose of part 3 is to set out the regime for law enforcement authorities. Part 4 is for the intelligence services.

The onus for GDPR and data protection falls on the business. This means that you must consider and justify why and how you use personal data.

There are a range of different offences related to GDPR compliance and data protection.
These include, but are not limited to, re-identification of de-identified personal data and unlawful disclosure of personal data.

What does Brexit mean for GDPR compliance and data protection?

The Data Protection Act 2018 was amended on 1 January 2021 by regulations under the European Union (Withdrawal) Act 2018.

Since the end of the Brexit transition period on 31 December 2020, UK organisations who only process domestic personal data must now comply with the Data Protection Act 2018 and the UK GDPR. If they also operate or monitor the behaviour of EU residents, or offer goods or services to EU residents, they may also need to comply with the EU GDPR.

Who regulates GDPR compliance and data protection?

The ICO (Information Commissioner’s Office) regulates and enforces GDPR compliance and data protection. It has issued sizeable fines with regards to GDPR compliance and data protection since the GDPR was brought into being in May 2018.

The ICO also cooperates with data protection authorities abroad, such as the European Data Protection Board (EDPB).

Any personal data held by your business falls under GDPR compliance and data protection laws.

Why is GDPR compliance and data protection so important?

GDPR compliance and data protection is vital for every business which processes personal data because non-compliance could result in your business operations being restricted, or even your company being closed down.

GDPR compliance and data protection: what are ‘data protection principles’?

Anyone in an organisation responsible for using personal data must follow a set of strict rules. These are known as data protection principles.

All personal data must be:

  • Kept for only the amount of time necessary
  • Only used lawfully, fairly, for specified purposes and in a way that is limited to only what is necessary
  • Handled in a secure way to protect against unlawful processing, loss or damage

Sensitive information, such as health, race and political opinions, is subject to stronger legal protection.

GDPR compliance and data protection: is it relevant to me?

GDPR compliance and data protection applies to anyone who has data about people for a business or other purpose not related to a household.

GDPR compliance and data protection law applies to the vast majority of businesses and organisations. It applies to the processing of personal data.

What happens if there is a GDPR compliance and data protection breach in my business?

Data breaches can result in serious consequences for a company. As well as being fined by the ICO, there could be significant damage to your reputation.

Other potential consequences include:

  • Individuals claiming against you for misusing their data
  • Officers and directors in your business threatened with legal action

GDPR compliance and data protection: what do I need to do if there is a data breach?

It is vital to act immediately and notify the ICO within no more than 72 hours of finding out about the data breach.

Financial penalties for data breaches can be costly. However, every data breach will not result in a fine.

The ICO may decide to opt for a warning and reprimand. Alternatively, you may face your data being restricted or erased. Permanent or temporary bans on data processing may also be imposed.

Needless to say, the damage to your company’s reputation which may be caused by these actions, can have serious consequences.

Why do I need an expert in GDPR compliance and data protection?

The consequences of a data breach can have a severe impact on your business. Companies have already been forced to close as a result of GDPR compliance and data protection issues.

Criminal GDPR compliance and data protection cases can be extremely complicated. Having a specialist at hand who can navigate GDPR compliance and data protection offences is crucial, in order to ensure the best possible outcome for your case.

If you are being accused of an offence related to GDPR compliance and data protection, employing a GDPR compliance and data protection specialist, who is up to date with all of the latest developments in this area, is vital. Otherwise, you could be putting your business in danger.

Seeking advice from someone with expertise in GDPR compliance and data protection, who understands the importance of both your reputation and the reputation of your business, is key.

GDPR compliance and data protection is about more than fines for data breaches. Employing the skills of an expert in GDPR compliance and data protection who understands the need to be discreet in order to keep the case out of the public eye, and will work with you to minimise disruption, can make all the difference.

Client was on bail for assaulting his infant son. Social services reported the claim, but there was no evidence, only the mother’s statement that the boy was injured by evening. Client explained the injury occurred when the boy fell off a bouncy castle, which was confirmed by four family members. By obtaining statements and submitting them to the police, we demonstrated the lack of evidence, and the case was dropped with no further action.


My client was accused of historic domestic abuse allegations. The police provided written disclosure in advance of an interview, and we were able to go through this and provide a four-page statement detailing evidence to the contrary on each allegation. The statement and evidence provided was so detailed that the police had no questions to put to my client, meaning that the interview process was far less stressful than he envisaged.


Client was on bail for domestic abuse in relation to his wife. This had been dragging on for some time. We were able to obtain the particulars of the allegations from the police and then to go through them with the client. We were then able to obtain evidence that contradicted the allegations, including statements from friends, which showed that the allegations could not be true and so the police took no further action against the client. By obtaining case details, going through these with the client, speaking to witnesses and obtaining corroborative evidence, it was possible to show that the allegations were fabricated.


Client was a health care professional employed on an agency basis. There was a historic allegation made by a former client. We were able to obtain the particulars of the allegation from the police and then to set about obtaining evidence from witnesses who could cast doubt on the allegations and serve this evidence upon the police and push them for a swift resolution. The client had been on a lengthy period of police bail at the time he instructed us, and we were able to speed the process up, which was key as the client was unable to work and had no income during the lengthy period of bail.


LET’S WORK
TOGETHER


Get in touch with us today to discuss how
we can help you solve your problem.

Get In Touch

Get in touch