Since the UK has left the EU, GDPR will now be referred to as UK GDPR or Data Protection.
The rules governing the processing of personal information of an individual based in the UK will not change under UK GDPR.
Discussions are ongoing regarding the rules on individual information exchanged between the UK and the EU.
For the most up-to-date information please refer to the Information Commissioner’s Office (ICO) and Using Personal Data After the Transition Period.
For further information on current GDPR requirements please refer to the Scottish Procurement Policy Note (SPPN) SPPN 2/2018 . The SPPN includes some background information and some information about how this impacts on public procurement.
Quickfire Guide
The key messages of the SPPN are:
The SPPN also includes some additional information for organisations including, for example, specific actions required by organisations and The Law Enforcement Directive (LED).