UK GDPR glossary

The world of data protection is filled with jargon and technical terms. Our UK GDPR glossary makes it accessible for you.

Last reviewed on 5 July 2023
School types: AllSchool phases: AllRef: 32593

UK GDPR The UK General Data Protection Regulation. It replaced the EU GDPR following the UK's withdrawal from the European Union. This is the law that governs data protection in the UK. The Data Protection Act 2018 The law that sets out how specific aspects of the UK GDPR apply.  Personal data The UK GDPR only applies to organisations' use of personal data. This is any information relating to an identified, or identifiable, person. This may include information such as the person's: Name Contact details Identification number Online identifier, such as a username It may also include anything relating to the person's physical and mental health, genetics, finances, or their physiological, cultural or social identity. Special categories of personal data Personal data which is more sensitive and so needs more protection. It includes information about a person's: Racial or ethnic origin Political opinions Religious or philosophical beliefs Trade union membership Genetic information Biometrics (such as fingerprints, retina and iris patterns), where used for identification purposes Health – physical or mental Sex life or

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.