25 May is GDPR Day!

Management & Administration
May 25, 2018

From today, Friday 25 May 2018, the new General Data Protection Regulation (GDPR) comes into effect, replacing the 1998 Data Protection Act. You’ll see on the V&A’s website that a cookie banner appears, alerting you to changes in our privacy policy and cookie policy.

For the last 12 months the V&A’s Data Protection Team has been preparing for this major advance in the laws around personal data.

We have reviewed all of the museum’s activities that involve collecting, holding and processing personal data (for example data from employees, visitors, members and donors), to ensure that what we hold is relevant and is appropriately collected and managed. We have been improving how we document our use of personal data, and updating our policies and procedures – but also the information we provide to you wherever we collect data.

The V&A’s approach to data collecting is fully explained in our privacy policy. We hope that you will want to carry on receiving information from us, but should you choose not to, you can unsubscribe at any time – either directly from our the emails you receive, or by contacting privacy@vam.ac.uk directly and our Data Protection team will take care of this for you.

We constantly review and improve information security and strengthen the tools we use to protect personal data – and the privacy of everyone connected to the V&A. We see GDPRs as an opportunity to enhance standards of information management and transparency, and to build stronger relationships with our audiences, stakeholders and staff – now and for the future.

How can I find out more?


Join today and enjoy unlimited free entry to all V&A exhibitions, Members-only previews and more

Find out more


Find inspiration in our incredible range of exclusive gifts, jewellery, books, fashion, prints & posters and much more...

Find out more