The General Data Protection Regulation (GDPR) was implemented on 25 May 2018.
Many webinars and articles have summarised how the GDPR works conceptually but then done little to explain what this means in practice.
Part 1 of this webcast provides a grounding in the underlying law but also tries to go further by offering practical guidance as to how it should be implemented in the trusts and estates context. In particular it discusses how to identify the personal data of clients, which lawful grounds for processing it are likely to be relevant, what additional grounds are required for special category data and how and when to provide information to data subjects (including beneficiaries).
Part 2 relates to data subjects’ rights and how those rights interact with existing trust law. Part 3 explains some of the practical lessons learned and highlights the points that STEP is still working on to clarify with the ICO.
- Edward Hayes, Burges Salmon LLP