The Guide to the UK GDPR is part of our Guide to Data Protection. It is for DPOs and others who have day-to-day responsibility for data protection.
It explains the general data protection regime that applies to most UK businesses and organisations. It covers the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.
It explains each of the data protection principles, rights and obligations. It summarises the key points you need to know, answers frequently asked questions, and contains practical checklists to help you comply.
Where relevant, this guide also links to more detailed guidance and other resources, including ICO guidance, statutory ICO codes of practice, and European guidance published by the European Data Protection Board (EDPB). EDPB guidelines are no longer binding on the UK regime but are included as a useful reference.
You may also find other sections of the Guide to Data Protection useful:
- Introduction to data protection – for more on how the DPA 2018 works
- Guide to law enforcement processing – for more on the separate regime for law enforcement
- Guide to intelligence services processing – for more on the separate regime for the intelligence services
- Key data protection themes – for specific guidance on key themes and topics, including children’s data