The General Data Protection Regulation (GDPR)

The Data Protection Act (DPA) 2018 is an update to UK laws that include the European Unions General Data Protection Regulation (GDPR). Data Protection Act 2018 achieved Royal Assent on 23 May 2018

Directly applicable in EEA Member States on 25 May 2018, GDPR will remain in force in the UK post Brexit.

GDPR Protection Principles

The GDPR has seven protection principles that companies and organisations are obligated to fulfil to aid in the proper collection, use and protection of data. The GDPR protection principles are as follows:

  • Lawfulness, fairness & transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

Put simply, companies must know what data they collect, why they collected it, where they collect it, where they store it, how they secure that data, have agreed who owns the data and takes responsibility for it and much more.

Individual rights under GDPR

In addition to the seven major protection principles, companies must support the seven GDPR Directives to provide the public control over their data.

Individuals have rights over their data and they are as follows:

  • Purpose – its clear why you need the data
  • Lawfulness, fairness and transparency – be clear, open, honest and fair about using personal data
  • Data Minimisation – data is minimal, adequate and limited to its purpose
  • Data Accuracy – data is correct and up to date
  • Storage Limitation – erase when you don’t need it
  • Integrity and Confidentiality – you keep it safe and ensure you don’t lose it
  • Accountability – you take responsibility and you can prove it

Metatec GDPR Compliance Manager

GDPR Compliance Manager

Metatec have recognised that the GDPR and ICO has placed a large expectation on a company and that companies must maintain adequate documentation, keeping many records of data, breaches, requests from the public excercising their rights and so on.

To reduce the burden, Metatec are very close to releasing their GDPR Data Portal software.

Our GDPR software will enable you to:

  • Keep a track of what data you have
  • Log requests from the public
  • Record any data breaches (no matter how small)
  • Workflows and reminders to keep you on schedule
  • Dashboard giving you a compliance summary
  • Task lists to ensure nothing is forgotten
  • Maintain evidence

All this will be available online via our Cloud Software as a Service (SaaS) package called Erudite, securely and mobile optimised for a fair monthly subscription fee.

To learn more, visit

If you need support with GDPR and want some advice, we can provide you with the consultancy and support, get in touch to discuss.