What is GDPR?

The General Data Protection Regulation (GDPR) is an EU law designed to protect personal data and privacy.

What is the Data Protection Act (DPA)?

The DPA 2018 is UK legislation that complements GDPR, outlining specific data protection rules in the UK.

Does GDPR apply to small businesses?

Yes, GDPR applies to all businesses, regardless of size, that process personal data of UK or EU citizens.

What are data subjects rights under GDPR?

Data subjects have rights like access, rectification, erasure, data portability, and the right to object to processing.

What is considered personal data?

Personal data includes any information that could identify a person, such as names, email addresses, or IP addresses.

What are the penalties for non-compliance with GDPR?

Fines can reach up to £17.5 million or 4% of annual global turnover, whichever is higher.

What is a data breach?

A data breach occurs when personal data is accessed, disclosed, or lost without authorization, intentionally or accidentally.

How should SMEs handle data breaches?

SMEs must report data breaches to the ICO within 72 hours if they pose a risk to individuals and notify affected individuals.

What is online privacy?

Online privacy involves protecting individuals personal data and communications while they use the internet.

What is cyber security?

Cyber security refers to protecting systems, networks, and data from digital attacks, theft, or damage.

What are common cyber threats for SMEs?

Common threats include phishing, ransomware, malware, and data breaches.

How can SMEs improve cyber security?

SMEs can improve security by using strong passwords, installing firewalls, updating software, and providing employee training.

What is the ICO?

The Information Commissioner’s Office (ICO) is the UK regulator responsible for enforcing data protection laws.