Posted By
Ann Bevitt

Privacy regulations in the EU and the UK have undergone significant changes in the past several years, which affect companies worldwide: the General Data Protection Regulation (GDPR), which came into force in 2018, impacts any company that operates an EU-facing website to market goods or services to EU-based individuals and/or monitors EU-based individuals, e.g., with cookies or other similar technologies. The impacts of the GDPR on companies with an online presence in EU are far-reaching and have required numerous changes to the way businesses handle personal information. Although Brexit is raising some questions regarding how the GDPR will be maintained in the UK, the expectation is that the UK will closely follow the GDPR. Accordingly, the GDPR will remain an issue for anyone dealing with people based in other EU member states and the UK.

The GDPR places significant obligations on businesses including:

  • a strict definition of consent, making it difficult to obtain
  • significant requirements around profiling, sensitive data handing, data retention and use, which restrict what companies may do with the data they collect and how they store and handle the data they collect
  • significant obligations on and liabilities for data processors
  • breach notification requirements
  • sanctions for failure to comply, which could result in fines of up to 4% of annual turnover or €20 million (whichever is higher)

GDPR compliance encompasses more than having correct policies; for many companies, it may affect business operations and require new technology or changes to configurations of existing technology. Becoming and staying GDPR compliant should be a multi-stakeholder process, involving both internal company resources across the organization and external advisers.

We can help you with GDPR compliance. We have a team of experienced practitioners who understand what it takes to comply with the GDPR in a way that complements your business priorities. If you would like further information on what you should be doing to ensure that you are compliant, please contact us – we are here to help.

Cooley GO

Other Resources

Thought Leadership

Client alerts


Press comments

Last reviewed: January 15, 2022