The 7 principles of GDPR explained
A clear guide to the seven principles of UK GDPR — lawfulness, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confid…
Read more →
Guidance
Blog
GDPR & Data Protection Resources
Clear, practical guides to GDPR and data protection for UK organisations — the UK GDPR, the Data Protection Act 2018, the data protection principles, individual rights, lawful bases, data breaches and more.
Guidance
Data controller vs data processor under GDPR
A practical guide to the difference between data controllers and data processors under UK GDPR, including joint controllers, Article 28 contracts, sub-p…
Read more →
Guidance
GDPR and CCTV in the UK: rules for businesses and homeowners
A practical guide to UK GDPR and CCTV — when the rules apply, what businesses must do, when the household exemption protects homeowners, and what the Fa…
Read more →
Guidance
GDPR cookie consent in the UK: rules after the DUAA 2025
A current guide to UK cookie consent law — the relationship between PECR and UK GDPR, which cookies still need consent, the new exemption categories fro…
Read more →
Guidance
GDPR data breach: what to do in the first 72 hours
A practical guide to UK GDPR data breach response — what counts as a breach, the 72-hour reporting rule, when to notify the ICO and affected individuals…
Read more →
Guidance
GDPR data retention periods: how long can you keep personal data?
UK GDPR does not set fixed retention periods. This guide explains how the storage limitation principle works in practice, what other UK laws require, an…
Read more →
Guidance
GDPR fines and penalties in the UK: how big, who pays, what counts
A current guide to UK GDPR fines and penalties — the two-tier structure, how the ICO calculates fines, the biggest UK penalties to date, and the wider e…
Read more →
Guidance
GDPR consent and lawful basis: what UK organisations need to know
A practical guide to the seven lawful bases under UK GDPR, the conditions for valid consent, the new recognised legitimate interests basis introduced by…
Read more →
Guidance
GDPR privacy notices: what they must contain and how to write one
A practical guide to privacy notices under UK GDPR — what Articles 13 and 14 require, the difference between Article 13 and Article 14 information, laye…
Read more →
Guidance
GDPR ROPA: how to maintain Article 30 records of processing
A practical guide to Article 30 of the UK GDPR: what a Record of Processing Activities is, who must keep one, what it must contain, and how to build a R…
Read more →
Guidance
Individual rights under GDPR: a complete guide to data subject rights
A practical guide to the eight individual rights under UK GDPR — the right to be informed, the right of access, rectification, erasure, restriction, por…
Read more →
Guidance
UK GDPR vs EU GDPR: what's actually different?
A current comparison of the UK and EU versions of GDPR, including the divergence created by the Data (Use and Access) Act 2025 and what it means for UK…
Read more →
Guidance
What is GDPR? A UK guide to the General Data Protection Regulation
A plain-English guide to UK GDPR: what it is, who it applies to, the principles and rights it protects, and what changed under the 2025 Data (Use and Ac…
Read more →
Guidance
What is personal data under GDPR? Definitions and examples
A clear guide to personal data under UK GDPR — what counts, what doesn't, the special category data list, and the difference between pseudonymised and a…
Read more →
Guidance
When did GDPR become law? Key dates in the UK and EU
The General Data Protection Regulation was adopted on 14 April 2016 and became enforceable on 25 May 2018. This guide explains each date — including UK…
Read more →
Guidance
Who does GDPR apply to? Scope and enforcement in the UK
A clear guide to who must comply with UK GDPR — including UK and overseas organisations, charities, sole traders, the household exemption, and how the I…
Read more →
Ready to get certified?
Get GDPR trained in 90 minutes
Our CPD-accredited GDPR & Data Protection Course gives you an instant printable certificate the moment you pass — from just £14.