The EU General Data Protection Regulation (GDPR) is a new EU regulation that will come into force on 25 May 2018. It will strengthen the current rules under the Data Protection Act (1998) by introducing new obligations for organisations and rights for individuals.


This new regulation will come into effect before the UK formally leaves the EU. On 21 May 2017, the UK government confirmed that it will introduce a new Data Protection Act to implement the GDPR. It is therefore clear that businesses will need to comply with the GDPR from 25 May 2018 and post-Brexit or face steep penalties.

These changes will impact how recruiters and recruitment businesses process candidate and client data. It is therefore essential that recruiters familiarise themselves with these changes and begin preparing.