The EU General Data Protection Regulation (GDPR) and Data Protection Act 2018 are now in force. This has been described as “the biggest change to data protection law for a generation”. It’s not just us saying that – those are the words of the Information Commissioner, Elizabeth Denham.
There has been a lot of focus on the consequences of getting data protection compliance wrong, with headlines about fines of up to €20million, or 4% of global annual turnover if that is higher. At Mills & Reeve we focus on the practical steps your organisation can take to get data protection compliance right. You can access key information about the GDPR by clicking on the icons below.

Lawful processing
Information for data controllers needing to process personal data lawfully, fairly and transparently.
Information on the principle of transparency under the GDPR.
Data security
Information on technical and organisational measures to achieve data security.
Individuals' rights
Find out more about the data subject's rights under the GDPR.
Information on the principle of accountability for organisations processing personal data.
GDPR services
With the GDPR and UK Data Protection Act 2018 now in force, our unique approach will help you comply with the new regime.
Our recent work
Find out about some of the work we are doing for clients across the UK.
Get in touch
Contact one of our lawyers to discuss your GDPR concerns.