Introduction:
The UK General Data Protection Regulation (UK GDPR) ensures a balance between an individual’s rights to privacy and the lawful processing of personal data undertaken by organisations in the course of their business.
It aims to protect the rights of individuals about whom data is obtained, stored, processed or supplied and requires that organisations take appropriate security measures against unauthorised access, alteration, disclosure or destruction of personal data.