The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. It replaces the Data Protection Directive and is current legislation.

How long can you keep personal data?

How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. For example, we have agreed that credit reference agencies are permitted to keep consumer credit data for six years.

What is a breach of data protection?

A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.

What is sensitive personal data?

The Act provides a separate definition for "sensitive personal data". This relates to information concerning a data subject's racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offenses.

What is sensitive personal data GDPR?

Sensitive Personal Data. ... Definition under the GDPR: data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.