The European General Data Protection Regulation 

The European General Data Protection Regulation (GDPR) comes into effect across the EU on 25 May 2018. It replaces existing EU and UK data protection law and will continue in force even after the UK leaves the EU.

If you do not comply your organisation could be fined, so click here to find out more, or download our factsheet as a pdf.

The new UK Data Protection and Digital Information Bill is currently working through Parliament and is likely to become law in 2024. In particular it is hoped it will reduce the processing burden on charities leading to benefits particularly related to fundraising.  This CIOF blog considers some of the possible changes.


CCVS are not lawyers or legal advisors. This information is for information and should not be taken as legal advice. We have taken all care to ensure that what we have written is correct but cannot be held responsible for any errors. If you are unsure you must seek appropriate, qualified advice. If you see something that you believe is wrong then please let us know so that we can correct or clarify it.

Page last amended Oct 2023