The UK General Data Protection Regulation (UK GDPR)
Published by a LexisNexis Information Law expert
Practice notesThe UK General Data Protection Regulation (UK GDPR)
Published by a LexisNexis Information Law expert
Practice notes
FORTHCOMING CHANGE: On 19 June 2025, the Data (Use and Access) Bill received Royal Assent, becoming the Data (Use and Access) ACT 2025 (DUAA 2025) and coming partly into force on that date. Parts 5 and 6 serve to amend aspects of Data protection and ePrivacy law in the UK, including the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, SI 2003/2426. Certain provisions of DUAA 2025, concerning matters such as responding to data subject access requests and the conferring of power to make further regulations, came into force immediately on 19 June 2025. Other provisions, concerning notices from the Information Commissioner and some aspects of law enforcement processing, come into effect on 19 August 2025 (being two months from the date of Royal Assent). The majority of DUAA 2025’s provisions require further regulations (in the form of statutory instruments) to be made to bring them into force. For further information on DUAA 2025 generally,
Get your quote today and take step closer to being able to benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 36 practice areas
Get a LexisNexis quote
* denotes a required field
To view the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.
CONTACT US
