General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) will apply in the UK from 25 May 2018 and will replace the Data Protection Act 1998.

The new legislation has been introduced to take account of social and technological developments since 1998 and provides enhanced rights to individuals to enable more control over how their personal data is processed.

As a University we collect, use and store personal data in a range of different ways and for many different reasons and the GDPR will have implications for many areas of our activities. If your work involves collecting, processing, recording or analysing information on identifiable individuals in any way then you will need to be aware of the changes to the legislation and give consideration to its effects.

Further details can be found on the Cardiff University intranet and the Information Commissioner's Office (ICO).

Back to top