The new General Data Protection Regulation (GDPR) came into force on 25 May 2018 across all EU member states. The UK Government's Data Protection Bill 2018 brings this into UK law so this will not be affected by Brexit. A similar bill is passed in all other EU member states, including the Republic of Ireland.

Data protection laws ensure that personal information is handled appropriately and securely by organisations including businesses, government agencies and charities. Any arts organisation, charity, community group or membership organisation has a legal duty to follow these laws when gathering, storing, sharing or processing this data.

The changes that GDPR brings to data protection laws are significant but following the guidance in our simple Briefing will help you prepare your organisation and avoid any potential breaches in the future.

This resource explains:

• What GDPR covers
• Types of data
• Principles of GDPR
• Definitions of key terms in plain English
• Individuals' rights
• Steps you should take
• FAQs (including mailing lists, children and photographing events)

Download Briefing 173: GDPR - Data Protection