You are here:

Last reviewed on 16 March 2021
Ref: 30801
School types: All · School phases: All

The UK General Data Protection Regulation (UK GDPR) determines how you must process and store personal data - understand what you have to do and how the data laws have changed since Brexit.

What is the UK GDPR?

The UK General Data Protection Regulation (UK GDPR) works with the Data Protection Act 2018 (DPA 2018) to form the UK's data protection framework.

It determines how people’s personal data is processed and kept safe, and the legal rights individuals have over their own data. 

The UK adopted the EU’s GDPR in 2018, but since the UK's withdrawal from the EU it has used its own version, known as the UK GDPR. Find out how the two pieces of legislation differ in the section below. 

How has Brexit changed the UK's data protection laws? 

In January 2021, the EU GDPR was incorporated into UK legislation as the 'UK GDPR' (by this piece of legislation).

The key principles, rights and obligations remain the same as before, but there are some amendments, which the government has published here

The main change is around international transfers of data. 

The UK now has

More from The Key


Bitesize training with a big impact

Our on-demand training has your whole board covered and lets them learn at a time and pace that suits them.

Help your new governors hit the ground running with our expertly-designed induction training, and our role-specific courses support your link governors develop key skills and confidence in their role.


New eLearning: DSL refresher training

Your DSL’s training should be refreshed at least once every 2 years. 

Designed in collaboration with safeguarding experts, our 2.5 hour online refresher training course reminds DSLs how to put their knowledge into practice, with in-depth, real-world scenarios.


The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.