Data protection principles
Produced in partnership with Pillsbury Winthrop Shaw Pittman LLP

The following Information Law practice note produced in partnership with Pillsbury Winthrop Shaw Pittman LLP provides comprehensive and up to date legal information covering:

  • Data protection principles
  • Lawfulness, fairness and transparency
  • Lawfulness
  • Fairness
  • Transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • More...

Data protection principles

This Practice Note covers the principles for handling personal data that form the core of the ‘GDPR’ regimes applicable in the UK and EEA (as explained further below). For a general introduction to data protection law, including links to guidance on additional duties that arise under those regimes, see the Data protection toolkit.

In relation to the subject matter of this Practice Note, there is great similarity between:

  1. the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) (which was applicable under UK laws until the end of the Brexit implementation period at 11 pm UK time on 31 December 2020 and remains applicable in the EEA), and

  2. the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR) (applicable under UK laws from the end of the Brexit implementation period and largely based on the EU GDPR)

Given the extensive data flows between the EEA and UK, equivalent EEA data protection laws will remain of particular interest to UK practitioners. Therefore, this Practice Note addresses equivalent requirements under both the UK GDPR and EU GDPR to assist UK practitioners who may need to consider the position under either. It refers to both as ‘GDPR regimes’ for convenience where there is no need to distinguish them.

Note that:

  1. this Practice Note considers equivalent provisions under the EU GDPR applicable in EEA states

Popular documents