GDPR – Protecting Consumer Data in the EU

GDPR (General Data Protection Regulation) will be in enforcement from 25th May 2018. It replaces the current Data Protection Directive in the EU and was designed to standardise the EU’s data privacy laws.

Our personal data helps us access entertainment, products and services and that means trusting the people we share it with. So from 25th May 2018, the new EU data protection regulation puts more responsibility on organisations who use consumer data and gives consumers greater control over how its used.

Businesses who interact with and collect data from customers online, for example, through an ecommerce website or a contact/enquiry form on the website, should make sure they are compliant with GDPR standards prior to enforcement data (25th May 2018). After this date, those organisations in non-compliance may face heavy fines.

GDPR declares that when consumers are asked for any personal data by a business, online service provider or public sector body, the business must tell the consumer clearly and in straight forward terms how they will use and protect the data collected. Only personal data that is needed to provide a service should be collected and should not be used or shared for any unrelated purposes. It must be kept safe from hacking or theft and it must be kept accurate and up to date.

More information about GDPR regulations for Irish businesses and individuals can be found on