Inside content area, use arrow keys or tab to access content

Welcome to the Lloyds Bank General Data Protection Regulation (GDPR) information site.

The site contains information about the GDPR changes. It includes some considerations when getting your organisation ready for GDPR, as well as providing you with details on where to go for further information.

You can also find details of the changes that Lloyds Banking Group is making for compliance and what this means for your business.

What is GDPR and what’s changing?

The General Data Protection Regulation (GDPR) is an opportunity for every organisation to embrace the changes that give individuals' more control and rights over their personal data.

Safeguarding the personal data of our customers and colleagues is a priority for Lloyds Banking Group. We welcome the measures introduced through GDPR, and encourage our customers and partners to take action too.

The new regulation is receiving a lot of attention. If your business works with personal data, then you need to make sure you are GDPR ready by the time it becomes enforceable on 25th May 2018.

The GDPR regulation is all about giving people greater control over what happens with their personal data and strengthens everyone’s rights. Some of the key changes:

  • Greater control for everyone – your customers and your employees
  • More responsibility and obligations for controllers and processors to protect individuals’ rights
  • Keeping individuals informed and providing clarity about what your organisation is doing with the personal data you collect, hold and use
  • Increased Individual rights including the ‘right to be forgotten’ and the ‘right to restrict’ what is being done with personal data
  • The right to compensation when an individual’s rights are not upheld
  • Mandatory reporting for data breaches
  • Quicker response times and no charges for data subject access requests, as well as providing in the requested format
  • Changes to the way in which marketing consent is given – consent must be freely given
  • Greater responsibility on everyone to take personal data seriously

What do I need to consider?

All organisations have legal and regulatory obligations to ensure compliance with existing and any new data privacy legislation.

This new EU legislation strengthens individual privacy rights and requires that data privacy forms part of everything we do. Whether you are designing new products, working with customers and/or suppliers or dealing with employees, every organisation has a responsibility to ensure compliance when dealing with personal data.

GDPR represents the biggest overhaul of European Data Privacy legislation in 20 years, superseding the EU Member State laws on Data Privacy including the UK’s Data Protection Act 1998. Everyone needs to be working within the new and enhanced framework.

For customers & employees, the new regulation requires you to:

  • deliver on their privacy rights
  • protect their personal data
  • be transparent around what you are doing with their personal data

Where can I find out more?

Ready, steady, go

Ready, Steady, Go

Our Ready, Steady, Go brochure provides you with information to think about and consider when getting ready for GDPR