The UK General Data Protection Regulation (UK GDPR)—Navigator

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • The UK General Data Protection Regulation (UK GDPR)—Navigator
  • Chapter I—General provisions
  • Chapter II—Principles
  • Chapter III—Rights of the data subject
  • Section 1—Transparency and modalities
  • Section 2—Information and access to personal data
  • Section 3—Rectification and erasure
  • Section 4—Right to object and automated individual decision-making
  • Section 5—Restrictions
  • Chapter IV—Controller and processor
  • More...

The UK General Data Protection Regulation (UK GDPR)—Navigator

This Practice Note serves as a reference guide to the Retained Regulation (EU) 2016/679 (UK GDPR) and the Data Protection Act 2018 (DPA 2018) as applicable to general processing of personal data (the UK GDPR regime). This UK GDPR regime is derived from the EU data protection regime, the General Data Protection Regulation, Regulation (EU) 2016/679 (the EU GDPR), which became directly applicable in all EU Member States on 25 May 2018 and which governs the processing of personal data across the EEA (the EU plus Iceland, Norway, and Liechtenstein), since its incorporation into the EEA Agreement.

This Practice Note is designed to supplement the official text of the UK GDPR by adding in cross-references within the text to other related recitals, and also provide links out to related provisions within the DPA 2018 (as amended by Brexit legislation).

While the articles of the UK GDPR have been amended by Brexit legislation, the recitals have not. As a result, these provisions still refer to the position under the EU GDPR and should be used as a guide for interpretation only.

For an introduction to the UK GDPR regime, see Practice Note: The UK General Data Protection Regulation (UK GDPR).

For an introduction to the EU GDPR, see: Practice Notes: Introduction to the EU GDPR and UK GDPR.

The processing of personal data

Popular documents