What is the General Data Protection Regulation (GDPR)?

It’s data protection regulation that came into effect on 25 May 2018.

What does GDPR mean for me?

GDPR has been designed to give individuals more control over their personal data. For example, it makes it easier for them to know what information organisations are holding about them and, in some cases, request that companies delete that data. Some organisations may be able to hold data on you regardless of your preferences due to legitimate interests. You can find more about how credit reference agencies in the UK use and share personal data here.

I’ve been receiving a lot of GDPR-related emails from companies. What do I do?

You may have received emails from organisations leading up to the GDPR ‘live’ date of 25 May 2018. You may still be receiving some now. Loosely speaking, these emails are split into two camps: opt ins, and updates to privacy policies.

If you’ve received an email asking you to opt in to receive further correspondence, you’ll have the option to agree or disagree to receive the emails, or you might choose to ignore the notice. If you get an email from an organisation telling you that they’ve updated their privacy policy, you don’t have to reply to them.

What if I’m still receiving emails and alerts that I don’t want?

If you haven’t already, you can unsubscribe to these communications. Depending on the company sending them out, it may take a few working days for your request to be processed. You may also contact the company through other methods, such as by emailing them to ask them to stop contacting you. If you keep receiving emails from them, you may wish to report this to the Information Commissioner’s Office (ICO).

Where do I go to for more information?

For a GDPR overview or more specific details on your right to get copies of your data, your right to data portability, and your right to get your data corrected or deleted, you can visit the ICO website.