Guide

Comply with data protection legislation

Introduction

Data protection laws control how businesses and other organisations use personal information. You must comply with these laws if your business stores or handles people's details - ie if you keep customer or employee records.

This guide explains your duties under the Data Protection Act 1998. It tells you how to use personal data fairly and lawfully, and what you must do to comply.

This guide also looks at individuals' rights under the Act and your data protection duties when recruiting employees, managing employee records and monitoring workers. Finally, it offers advice on data protection penalties and enforcement.

The General Data Protection Regulation (GDPR) will apply in the UK from 25 May 2018. It will replace the 1998 Act and introduce new rules on processing and safeguarding personal data. Find out how to prepare your business for the GDPR.