General Data Protection Regulation

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. This will be supported by a new Data Protection Bill in due course which will bridge the gap, post Brexit.  Together, these laws will replace the existing Data Protection Act 1998 and will provide a strengthened data protection framework.

The UK Data Protection Bill will become law when enacted as the Data Protection Act 2018. It will explicitly bring provisions of the EU General Data Protection Regulation (GDPR) 2016 into UK law and establish continuity of the GDPR. The Act will legislate in areas where the GDPR allows flexibility at national level. It will also introduce legislation on processing for law enforcement purposes (in support of the EU Law Enforcement Directive) and by the intelligence services, and make provision for the Information Commissioner (the UK supervisory authority). The current Data Protection Act (DPA) 1998 will be completely repealed when DPA 2018 comes in force.

Our Privacy Notice has been written in line with the EU GDPR 2016. The Privacy Notice will be reviewed when the DPA 2018 comes in force in order to align it with the Act.

CRMC Privacy Notice V2 September 2019

CRMC Practice-Fair-Processing-Privacy-Notice

HIE Privacy Notice