The General Data Protection Regulation (GDPR) is a European Regulation which together with content of the current UK Data Protection Bill will together form a new framework for regulating personal data in the UK from 25th May 2018 and will replace the current Data Protection Act 1998.
Implementation of the GDPR means that all data controllers and organisations collecting or in any way "processing" personal data must comply with the Regulation from 25 May 2018.
The SPCB is a data controller and is subject to the GDPR as are individual MSPs and independent officeholders.
This section of the website is under development to reflect work carried out in meeting compliance of GDPR.