The European Union's General Data Protection Regulation (The European Union's General Data Protection Regulation (GDPR) is one of the most comprehensive overhauls of privacy regulation in recent history, and represents a significant expansion of the territorial scope of European privacy regulation. With less than three months to go until the scheme commences, Australian businesses should be asking the question: do I need to comply?

If your business:

  • has an establishment in the EU
  • provides goods or services to individuals located in the EU or otherwise monitors their behaviour,

then you must comply with GDPR from 25 May 2018.

The GDPR imposes strict new conditions on how businesses engage with and utilise EU residents' personal information. For a further explanation on how the GDPR might affect your business, and how best to manage these new compliance obligations, see our previous article.

This publication does not deal with every important topic or change in law and is not intended to be relied upon as a substitute for legal or other advice that may be relevant to the reader's specific circumstances. If you have found this publication of interest and would like to know more or wish to obtain legal advice relevant to your circumstances please contact one of the named individuals listed.