What is the GDPR?
The GDPR (General Data Protection Regulations) comes into force on 25th May 2018 and it intends to strengthen and unify data protection rights for individuals. All organisations need to be compliant with the new rules to protect all personal data held by them, including employee data, customer data, supplier data, data relating to members of the public, online tracking data etc. Any data that you process (including just storing) that identifies a living individual is regarded as ‘personal data’ and you need to ensure your compliance with the GDPR. )
GDPR guidance from the Information Commissioner's Office
GDPR requirements for research