To be trusted to serve Scotland we need to be trusted to protect the personal information of our customers and colleagues. It's not just the law, it's the right thing to do and it relies on all of us.
On 25 May 2018, the EU General Data Protection Regulation (GDPR) came into force. This was the biggest change in data protection legislation for 20 years; bringing it up-to-date and increasing the requirements on all organisations that process personal data.
Personal data is any data that links to an identifiable person – which could be a name or a photo, an email address, bank details, employee number, a computer IP address, and so on.