The General Data Protection Regulation (GDPR)

In May 2018 the General Data Protection Regulation (GDPR) will be implemented and this means that changes are required to the way personal data is managed. If you collect or store information about individuals you may need to change the way this is carried out. 

This page will be populated with information on GDPR so internal users can learn more about GDPR requirements and processes and use helpful templates. Some of the information on this page will be made available for external users to provide information on how their personal data is processed by the Scottish Parliament and set out people's rights in terms of accessing their personal data.

To find out more about GDPR or to ask for information or advice please email

  • Finding further information on GDPR: You can find out more about GDPR requirements on the website of the UK Information Commissioner.
  • We plan to provide a template for a data protection impact assessment here in due course.  
  • GDPR Overview: This provides information about the types of information we will provide.