In May of this year, the UK undergoes the biggest change to its Data Protection legislation since the introduction of the Data Protection Act (DPA) in 1998.

The new General Data Protection Regulations (GDPR) will become effective from 25th May 2018 and represents a change to the way in which organisations will acquire, process, share and delete personal data. This will update the rules for the digital age and offer more rights to those whose data is held. There are also new responsibilities placed on data processors such as Myhrtoolkit. Some of the steps we have taken to ensure that we are compliant with the GDPR are:


  • Amended our licence agreement to confirm that we meet the requirements of GDPR
  • Produced a new Privacy Policy for all Users of the Toolkit system
  • Created appropriate User Guidance to update our previous User Terms
  • Implemented internal policy and process to support our obligations under GDPR
  • Reworked our T&Cs page to provide access to a wider range of resources
  • Made some adjustments to the display and background operation of the system.


The revised licence agreement and associated documents will become effective on the 25th May and be available for Controllers from the contracted party within the new T&Cs page. It’s available to view prior to the effective date and we’ll provide some timely prompts within the application too. Don’t worry though as there’s no need to take any action, as continued usage of the system will constitute acceptance.

On the effective date, we will also introduce all system users to the new-look User Guidance and Privacy Policy.


The links on the right hand side provide access to a wide variety of GDPR related policy, process and further reading.


Myhrtoolkit takes your security very seriously,
providing tools to ensure a toolkit is operating securely, and advice on good practise.

How to learn more