Data protection essentials

Data protection laws in both the UK and EEA (the EU plus Iceland, Norway, and Liechtenstein) are intended to ensure information about living individuals (within the definition of ‘personal data’) is used fairly and responsibly.

To help ensure that, both the UK and EEA data protection laws impose a large number of obligations on those ‘processing’ personal data (and on controllers of such processing) and grant rights to those whose personal data is processed (the ‘data subjects’). In summary, ‘processing’ includes doing almost anything with personal data, including storing, sharing, deleting or using it.

UK data protection law is largely derived from EEA data protection laws and is therefore generally based on similar principles, although there are some detailed differences.

This subtopic provides certain core resources commonly required by commercial lawyers when addressing UK and EEA data protection laws under:

    •the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) regime, which applies under the laws of ...

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Powered by Lexis+®
Latest Commercial News
View Commercial by content type :

Most recent Data protection essentials content

Q&As

What is the impact of Brexit on international transfers of personal data?This Q&A looks at the impact of Brexit on cross-border transfers of...
27th Jun
Q&As

What UK laws apply to automated individual decision-making and profiling?The UK GDPRThe mostly commonly encountered UK data protection law is the...
27th Jun
Practice notes

The Data Protection and Digital Information Bill [Archived]ARCHIVED: This archived Practice Note provides information about the Data Protection and...
27th Jun
Practice notes

UK GDPR and EU GDPR—transfers of personal data internationally and to international organisationsFORTHCOMING CHANGE: On 19 June 2025, the data (Use...
25th Jun
Checklists

Privacy notices—what information to include—checklistFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent,...
25th Jun
Practice notes

The Data Protection Act 2018FORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and...
25th Jun
Precedents

Privacy policy—general commercial organisation—customer-facingFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal...
25th Jun
Practice notes

Personal data sharing between controllersFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data...
24th Jun
Practice notes

Profiling and automated decision-makingFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data...
24th Jun
Practice notes

Outsourcing and data protectionFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and...
24th Jun
Practice notes

Data portabilityFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and Access) Act 2025...
24th Jun
Practice notes

Supply chains under data protection law—arrangements between controllers and processorsFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access)...
24th Jun
Practice notes

UK GDPR—the public sectorFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and Access)...
24th Jun
Practice notes

Key definitions under UK data protection lawFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the...
24th Jun
Practice notes

Data protection principlesFORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and...
24th Jun
Precedents

Personal data sharing clause—controller to controller—pro-receiving partyDefined terms: This Precedent clause uses the additional defined terms...
20th Jun
Practice notes

Summary of ICO strategy 2022–2025 (ICO25)In October 2022, the Information Commissioner’s Office (ICO) published its three-year strategic plan covering...
20th Jun
Practice notes

Brexit—implications for data protection [Archived]ARCHIVED: This archived Practice Note provides information on the Data Protection, Privacy and...
19th Jun
Practice notes

List of data protection clauses and agreements for commercial transactions and personal data processing and sharingThis Practice Note is a...
18th Jun
Practice notes

Introduction to the EU GDPR and UK GDPRThis Practice Note provides an introduction to both the EU’s General Data Protection Regulation, Regulation...
18th Jun

Popular documents