Skip to main content

FAQs – GDPR for Vets

This information is Connected Vet’s interpretation of the GDPR legislation as it stands and should not be relied on as a legal basis for action.

What is the GDPR?

The General Data Protection Regulation (GDPR) is replacing the Data Protection Act 1998. It places greater accountability on how organisations handle personal data. It was enforced on 25th May 2018.

What can my practice do to be compliant?

Connected Vet recommend three routes to compliance:

As a small business are we exempt from the GDPR?

No. All veterinary practices process personal data (clients, employee and suppliers) and you will have to comply with the GDPR regardless of your practice size.

What information does the legislation apply to?

The GDPR applies to ‘personal data’, which means any information relating to a living, identifiable person who can be directly or indirectly identified from this data.

Will Brexit make any difference?

No, the GDPR has been incorporated into the new Data Protection Bill 2018 which will ensure that Brexit has no impact.

Will my practice still be able to use our marketing database?

From the audits that Connected Vet have completed with small to medium veterinary practices, it is unlikely that marketing communications will be able to be lawfully sent to clients without significant changes. In most cases, the data is not up to date, client permissions are incomplete, consent is non-compliant and there is a lack of knowledge of the functionality available within the PMS.

If we do nothing, can we still send treatment reminders?

Unlikely. Most practices do not have valid consent in place or are not clear on the legal basis and processes they should use for these marketing communications.

What is classed as marketing communications in the context of a vets?

This is quite broad and covers practice news, vaccination and treatment reminders, and promotions. Practices can still communicate with clients for opening times, appointment reminders and invoicing, which would fall under the servicing of a contract.

Do we always need consent?

Not always. Consent can be difficult for a practice to administer and there are other legal bases that may be more appropriate and effective for your business.

Does the GDPR only apply to EU organisations?

No. The GDPR applies to processing carried out within the EU, but it also applies to organisations outside the EU that process the data of individuals in the EU.

What are the big changes from the Data Protection Act?

There are quite a few significant changes. See our free GDPR for Vets – Overview course. Its free and will get you up to speed on the changes and your practice’s obligations under GDPR.

Difficult Question?

Ask us


This information is Connected Vet’s interpretation of the GDPR legislation as it stands and should not be relied on as a legal basis for action.


Strictly Necessary

These cookies are required for our website to operate and include items such as whether or not to display this pop-up box or your session when logging in to the website. These cookies cannot be disabled.


We use 3rd party services such as Google Analytics to measure the performance of our website. This helps us tailor the site content to our visitors needs.


From time to time, we may use cookies to store key pieces of information to make our site easier for you to use. Examples of this are remembering selected form options to speed up future uses of them. These cookies are not necessary for the site to work, but may enhance the browsing experience.


We may use advertising services that include tracking beacons to allow us to target our visitors with specific adverts on other platforms such as search or social media. These cookies are not required but may improve the services we offer and promote.

Change Settings

Welcome. We use cookies to offer you a better website experience.

Change Settings Accept