Skip to main content

GDPR and Personal Data

What is GDPR?

GDPR stands for General Data Protection Regulation.

It’s the UK version of EU data protection legislation. If we break this law, we risk consequences to the whole organisation and our ability to communicate.

Plus, we want to take care of each other, and that includes being careful with information about each other, so complying with GDPR rules is totally in accordance with our XR Principles and Values.

Following GDPR is about showing respect to rebels. We want to ensure that all rebels’ personal data is treated with respect and protected from misuse. GDPR provides a sensible set of principles that can help us to do that. If you’re collecting or using personal data, the resources here will help you to understand what you need to do.

What to do

Once you know what "personal data" is, check out the Data Plan below if you:

  1. Plan to get personal data - so you need to make a Data Plan
  2. Already have personal data and you haven't done a Data Plan yet, or
  3. You are changing how you use personal data - so your Data Plan needs creating or changing

The Data Plan should to prompt questions about new data collection. It's also a good starting point if you have data and have got to catch up on the planning part.

You can contact us via our GDPR & Security Reception channel on Mattermost or by email at