Legal Regulations

WEEE Regulations and Data Protection Act (GDPR) compliance

There may be industry specific regulations that you have to comply with and we can advise further on this, but all businesses - regardless of industry sector - need to comply with the WEEE Regulations and the Data Protection Act / GDPR.

The secure disposal of used equipment is also a key control in ISO 27001 (Annex A.11.2.7).

In addition to the liability of data-bearing computers lying around a site, waste and broken equipment should not be stored without the appropriate licences from SEPA, so contact us now to arrange the uplift, secure destruction and recycling of your redundant IT equipment.


Businesses need to comply with the Waste Electrical and Electronic Equipment (WEEE) Regulations – this means waste IT equipment cannot be dumped or fly tipped, and must be disposed of through the proper channels.

When disposing of redundant computer and electrical equipment, it is essential that it is passed to a licensed company, and a Waste Transfer Note is issued to provide proof of its legal transfer. This allows companies to fulfill their obligations under the WEEE Regulations, and avoid fines and prosecutions levied by the Environment Agency.

Waste disposal is increasingly in the spotlight, and businesses need to make sure they dispose of their equipment legally and responsibly.

UK businesses need to comply with the General Data Protection Regulation (GDPR) for the handling, storing and disposing of sensitive data. The definitions can be complex, and the Information Commissioner’s Office website ( gives further information.

It can be summarised that any information that identifies a living person is classed as sensitive – this covers much of the information held by most businesses.

A key principle of the GDPR is to guard against loss of data. Since this is most likely to happen when disposing of redundant IT equipment, our secure disposal services help businesses avoid the increasingly expensive fines that a data breach results in. We're not experts in all aspects of the GDPR but we know our stuff when it comes to the GDPR requirements for data processing, so we can advise how our services can help you meet your GDPR obligations.

The Certificates of Destruction that Glasgow Computer Recycling issue serve as proof that data has been securely destroyed.