Businesses across the UK are preparing for the biggest overhaul of data protection legislation in over 25 years. As of 25 May 2018 a new EU law, the general data protection regulation (the “GDPR”), will come into full effect. Regardless of Brexit the GDPR is here to stay and given the increased monetary penalties it is important that businesses are aware of what they need to do to ensure compliance.
The changes under the GDPR are particularly significant to charities because charities rely on contacting donors and supporters for funding and therefore often handle high volumes of personal data, particularly in terms of direct marketing. There is however significant confusion in the legal press as to how the changes to consent for the purposes of processing personal data under the GDPR interact with obtaining consent for email and SMS marketing under the Privacy and Electronic Communications Regulations (“PECR”).
Whereas previously, under the