What is GDPR?

The EU’s General Data Protection Regulation (GDPR) came into force on 25 May 2018 and was introduced to unify all EU member states' approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU. It was designed to protect EU citizens from organisations using their data irresponsibly and puts them in charge of what information is shared, where and how it's shared. The provisions of the EU’s GDPR were previously incorporated directly into UK law through the Data Protection Act 2018, and following Brexit the EU’s GDPR no longer applies to the UK instead RAM is required to comply with the UK GDPR.