Skip to main content

GDPR Introduction & Information

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. Members will find sufficient information on this page to help them to understand the general requirements of the new GDPR regulations. The steps that are required are straightforward and are detailed here.


What is GDPR?

GDPR relates only to personal data and it concerns how the data is collected, stored in a secure facility, controlled, audited and deleted - when it is no longer required. GDPR will require all businesses to review their position in relation to the storage of personal data and to improve their current Data Protection procedures.

What is personal data?

Personal data uniquely identifies an individual i.e. their NI Number, Bank Account details, e-mail addresses, Facebook details, Date of birth etc. 

What you need to engage with GDPR

GDPR will change how data protection and data handling operates in businesses. It could affect your business in various ways.  Fines under GDPR can be up to €20 million or 4% of turnover, whichever is higher, so it’s important to start considering what you will need to do, right away.  

ECA has produced a 10-step guide for members to start their journey towards meeting GDPR requirements. For further details and how to comply, please visit the ICO website.

ECA has also produced the following guides for members to help understand some of the key terms and processes involved in GDPR, including:

  • GDPR Introduction
  • 10 key steps to engaging with GDPR
  • Consent to collect and process personal data
  • What, Where, When, How and Who of Data Mapping

The 10 key steps can be found below on this page and all other guides are availabe from the downloads section.


GDPR Guidance for Small Member Companies


This guidance helps smaller Member companies engage with GDPR requirement.

Published 31 Oct 2023

Guidance note on the ICO Fee


Guidance on the requirement for the new ICO Fee

Published 25 Feb 2020 Last reviewed 25 Feb 2020

Infographic on Data Mapping


The Who, What, Where, Why & How of Data Mapping

Published 26 Mar 2018 Last reviewed 26 Mar 2018

Getting consent for GDPR


This guidance note outlines the key requirements for gaining consent to collect and process personal data under GDPR

Published 06 Feb 2018

GDPR Guidance with ECA & BESA


ECA & BESA guidance outlining the general date protection regulation (GDPR)

Published 05 Oct 2017 Last reviewed 05 Oct 2017

Creating a Privacy Statement/Notice


Guidance for Members on creating a Privacy Statement/Notice under UK Data Protection law