The Remote Gambling Association (“the RGA”) has today published guidance to help licensed gambling operators to comply with their obligations under the General Data Protection Regulation (GDPR).
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It will come into force on 25 May 2018.
The consistent and effective implementation of the GDPR poses a number of challenges for all industries and organisations, not least because of the lack of precedent to follow; and the fact that clear regulatory guidance on every aspect of it is not yet available. The aim of this guidance is to assist the remote gambling sector through this phase. It will be reviewed and updated as and when greater clarity or better practice emerges.
A copy of the RGA GDPR Guidance document can be downloaded by clicking here.
In the UK, it should be read in association with information and advice provided by the Information Commissioner’s Office (ICO) which is responsible for regulating the legislation and issuing guidance on it. In particular operators should be aware of the general guidance published by the ICO and the following information note issued by the Gambling Commission.
Clive Hawkswood, the RGA’s Chief Executive, said ‘the principles which underpin the GDPR reflect the importance of safeguarding personal data and ensuring that it is used only where it is appropriate to do so. Unfortunately, there remains a good deal of uncertainty about the GDPR’s precise interpretation and application. This guidance is designed to help our sector navigate its way through the requirements as they are presently understood. It has had input from a wide range of stakeholders and we are heavily indebted to the ICO for the constructive and supportive advice it has provided at different stages of the process.’