Are the obligations the same regardless of the amount of data my company/organisation handles?

Obligations for organisations under EU data protection law are based on the type and volume of their activity not their size.

What does data protection ‘by design’ and ‘by default’ mean?

Under the EU’s data protection law data protection has to be built into the early stages of product design.

What is a data breach and what do we have to do in case of a data breach?

EU rules on who to notify and what to do if your company suffers a data breach.

When is a Data Protection Impact Assessment (DPIA) required?

EU rules on what companies have to carry out data impact assessments and how.

What rules apply if my organisation transfers data outside the EU?

EU data protection rules makes sure data transferred outside the EU gets a high level of protection in three ways.

How can I demonstrate that my organisation is compliant with the GDPR?

Tools available to check your organisation adheres to the EU’s data protection law.