UK General Data Protection Regulation (UK GDPR)

Introduction

Guide

The UK General Data Protection Regulation (UK GDPR) sets out the key principles, rights and obligations for processing of personal data.

It sits alongside the Data Protection Act 2018, applies to most UK businesses and organisations, and governs the fair and proper use of personal information.

This guide explains what personal data is under the UK GDPR. It describes the key data protection principles, rights of individuals, and the lawful basis for processing of personal data.

It also provides information on obtaining consent and providing privacy information under the UK GDPR, and on the rules on restricted transfers of personal data, including the use of Standard Contractual Clauses.

Finally, it tells you how to report serious breaches of personal data and what sanctions you may face if you fail to comply with the UK GDPR.

This guide does not constitute legal advice and is provided for general information purposes only.