What is the UK GDPR?

GDPR, General Data Protection Regulation (EU) 2016/679 (GDPR) is a new regulation in EU law focused on data protection and privacy for all individuals within the European Union. It applied to all EU member states from 25 May 2018.

The UK left the EU on 31st January 2020 and entered a transition period where all EU regulations, including GDPR continued to be enforced, this ended 31st December 2020. To continue trading with the EU, the UK needed to share data, therefore required data protection legislation which was AT LEAST as robust as the EU GDPR.

As a result, the EU GDPR was brought into UK law, amended slightly to make it more relevant, and now sits alongside other data protection laws and regulations which, together, make up the UK GDPR.

What does UK GDPR mean for Tibbetts and our partners?

The Tibbetts Group holds data from its business partners for a variety of reasons; this can be because you are an existing partner with whom we trade or as a point of contact for the arrangement of collections or deliveries.  Occasionally we may be required to share your personal data with third parties, such as other Tibbett’s offices to enable them to perform contracted duties on your behalf as our partner.

Under the UK GDPR regulation,  The Tibbetts Group must….

Ensure that all data held within our systems is processed lawfully, fairly and in a transparent manner.

Be clear and open about our purpose for collecting people’s data and not to use it for any other incompatible purpose.

Ensure that data is adequate, relevant, and limited to what is necessary.

Ensure that personal data is accurate and where necessary, kept up to date – we will do this by:

obtaining your agreement to opt in to any communications which we distribute, either for the purposes of doing business or as part of  a marketing campaign

obtaining your agreement for Tibbetts to hold your personally identifiable information (PII) unless the information we hold relates to your company and its employees and is for business purposes only as outlined under UK GDPR Regulations

providing you with clear instructions on how to request that your data is corrected or brought up-to-date – simply by emailing

providing you with clear instructions on how to opt out of Tibbetts holding any and all data held on you OR of receiving information of a marketing nature – simply by emailing

ensuring that personal data should only be kept for as long as necessary to complete its purpose

ensuring that date should be processed in a way which ensures appropriate security of the data

Our obligation to you

The Tibbetts Group has established a project team to ensure that our various business units and offices work together towards our aim to be as transparent and concise with data handling as possible.

All employees are aware of the GDPR requirements and the need for compliance.

You have the option to opt out of our various marcoms, for instance with regards to our e-newsletters, selecting unsubscribe located at the footer of our newsletter will automatically remove you from our mailing list. We value our partnership and your continued support, therefore please tell us how you would like us to handle your data.

What happens if I change my mind?

We appreciate that at some point in the future you may wish to change your mind and withdraw consent from your data being held OR from receiving information of a marketing nature. If at any point you wish to do so, or have any questions regarding UK GDPR, simply email stating clearly your wishes and we will process your request accordingly.

Can I request access to see what data you hold?

Yes, if at any point you wish  to see what data we hold and where it is stored and indeed if it is incorrect and needs to be updated, simply email and we will be happy to action your request.