The General Data Protection Regulation (GDPR) and UK Data Protection Act 2018 came into full effect on 25 May 2018. We have developed a suite of support materials and resources to help your organisation understand and comply with the new data protection framework.

GDPR in Brief Series

Exclusive to MRS Members and Accredited Company Partners, our data privacy experts have produced the GDPR in Brief Series for interpreting the regulation in the context of the insight sector.

The series includes:

  • GDPR in Brief No.1 – Overview of Data Protection Reform
  • GDPR In Brief No.2 – Compliance Checklist
  • GDPR In Brief No.3 - Data Processors
  • GDPR In Brief No.4 - Data Protection Officer
  • GDPR In Brief No.5 - Informed Consent
  • GDPR In Brief No.6 - Informed Consent Checklist 
  • GDPR In Brief No.7 - Transparent Privacy Information Notices
  • GDPR In Brief No.8 - Personal Data Breach
  • GDPR In Brief No.9 - Personal Data Breach Checklist

You can access the GDPR in Brief Series here:

For Individual Membership access click here.
For Company Partner access click here.

General Guidance

MRS Data Protection and Research Guidance 2019, is designed to help researchers understand the impact of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 on research policies and practices. This guidance, updated in May 2019, was developed through informal consultation with the Information Commissioner’s Office (ICO).

Guidance Notes

Exclusive to MRS Members and Accredited Company Partners, these specialist Guidance Notes provide detailed interpretation and application of the data protection framework to the insight sector.

    • MRS Guidance Note - Controllers and Processors

For Individual Membership access click here.
For Company Partner access click here.

GDPR FAQ

Frequently asked questions on the GDPR is available here:  GDPR FAQ

Training and webinars

As well as the GDPR In Brief guides, MRS also has a range of events and training to help support you and your team with compliance.

GDPR Standards WebinarOn the Starting Blocks, GDPR Q&A with MRS Standards Team
Developed in the lead up to the initial implementation of GDPR, our standards team answer your concerns and highlight the key changes to the data protection landscape. 
Exclusively for MRS Individual members. Watch the webinar here

Outsourced data protection officer service

GDPR allows you to fill the role of a data protection officer (DPO) using an external service provider. Accredited corporate members of MRS can access a tailored DPO service in the company partner area of this website.  

Fair Data trust mark

Don’t forget MRS also offers Fair Data - an accreditation trust mark that allows companies to showcase best practice in data protection. It can help guide you towards GDPR compliance. Plus there are useful resources on the GDPR including:

See the Fair Data compliance timeline
Read Fair Data GDPR blogs

Download the MRS Policy and Standards Review

This report demonstrates the breadth of our standards work from the data this sector creates and processes, to the research and insight we deliver, right through to the people it employs and hopefully enables.

Go to the review

The Privacy and Electronic Communications Regulations 2003 cover the use of unsolicited emails and text messages, and require consent for the use of “cookies” by websites.

MRS has developed detailed guidance on the application of this legislation to market social and opinion research.

Guidelines on the Privacy and Electronic Communications Regulations 2003

Privacy and electronic communications: some key points
  • Unsolicited emails or SMS for marketing purposes cannot be sent without prior consent.
  • Sample for telephone marketing must be screened against the Telephone Preference Service (TPS).
  • There are exemptions for existing relationships.
  • Emails, SMS and telephone calls for research purposes are unaffected.
  • Consent required for use of cookies on websites since May 2011.
Monitoring interviews

Some frequently asked questions on RIPA 2000 (The Regulation of Investigatory Powers Act 2000).

The Freedom of Information Act 2000 applies to information held by, or on behalf of, public authorities.

Research organisations may find themselves drawn into Freedom of Information Act (FOIA) issues in two ways.

Firstly they may have provided information to a public authority. This may be included in tender documents, contacts or research reports. Secondly they may hold information on behalf of the public authority. It may be the case that contractually any work product is the property of the public authority client or that the researcher holds the sole copy of a research report paid for by the public authority.

Our guidelines and FAQ provide detailed advice on the operation of FOIA, including how to deal with requests, and how to help protect sensitive commercial information.

Freedom of Information Act 2000: Guidance

Get the latest MRS news

Our newsletters cover the latest MRS events, policy updates and research news.