Data protection essentials

Data protection laws in both the UK and EEA (the EU plus Iceland, Norway, and Liechtenstein) are intended to ensure information about living individuals (within the definition of ‘personal data’) is used fairly and responsibly.

To help ensure that, both the UK and data protection laws impose a large number of obligations on those ‘processing’ personal data (and on controllers of such processing) and grant rights to those whose personal data is processed (the ‘data subjects’). In summary, ‘processing’ includes doing almost anything with personal data, including storing, sharing, deleting or using it.

UK data protection law is largely derived from EEA data protection laws and is therefore generally based on similar principles, although there are some detailed differences.

This subtopic provides certain core resources commonly required by commercial lawyers when addressing UK and EEA data protection laws under:

  1. the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) regime, which applies under the laws of

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Powered by Lexis+®
Latest Public Law News
View Public Law by content type :

Popular documents