General Data Protection Regulation

On 15 December 2015 the European Commission, Parliament and Council reached an agreement on the General Data Protection Regulation (the “GDPR”), which is expected to be adopted shortly. When it comes into force (approximately two years from now) the GDPR will update and overhaul European data protection law. While many fundamental concepts and principles will remain broadly the same, the GDPR provides for significant changes which will have wide ranging impacts on a broad range of sectors, which include the following key points: