Our promise to you
The General Data Protection Regulation ("GDPR") is the new legal framework that will come into effect
on the 25th of May 2018 in the European Union ("EU"), and will be directly applicable in all EU Member States from that
date. The GDPR's focus is the protection of personal data, i.e. data about individuals, and builds on existing data
protection laws, setting out the responsibilities of businesses in relation to the personal data they collect, hold,
transmit and otherwise use.
The GDPR is extra-territorial in nature and applies not just to organisations within the EU who process the data of
individuals but also organisations outside the EU who offer goods or services to individuals in the EU, or who monitor the
behaviour of individuals in the EU. Because the EU is a trading partner of most countries, the GDPR's wider scope means it
has implications for many businesses worldwide, and will effectively require them to be compliant if they wish to operate
in EU member states either directly or as a third-party for others.
As one example, if a company based in Asia or the United States, or another non-EU country, collects or
processes personal data of any employee, prospect, customer, partner, or supplier that is based in the EU, that company
will need to be compliant with the GDPR.
Sage has a project team who are focusing on the implementation of GDPR, and which is endorsed by the Sage Board.
In addition, Sage has robust governance procedures in place to manage the implementation of GDPR including a Data
Governance Committee comprising many key stakeholders to ensure all areas of our business will be ready for GDPR from the
date of enforcement in May 2018.
Learn more about Sage GDPR preparations.
Download information on our preparations