The UK GDPR: summary

The UK General Data Protection Regulation (UK GDPR) determines how your school must process and store personal data. Understand the main requirements and what you need to be aware of as a governor.

Last reviewed on 12 March 2024

School types: All•School phases: All•Ref: 30631

Contents

What is the UK GDPR?
Why do governors need to know about it?
Main requirements under the UK GDPR?
The UK GDPR in more detail

What is the UK GDPR?

The UK General Data Protection Regulation (UK GDPR) works with the Data Protection Act 2018 (DPA 2018) to form the UK's data protection framework. It was created in 2021, when the EU GDPR was incorporated into UK legislation by this piece of legislation.

The UK GDPR determines how a person's personal data is processed and kept safe, and the legal rights individuals have over their own data.

The key principles, rights and obligations remain the same as under EU GDPR, but there are some amendments, mainly around international transfers of data (see section 3).

The Department for Education (DfE) has published some guidance to help education providers stay compliant.

Why do governors need to know about it?

As the board of governors, or trustees in

Want to read this?

Unlock this article and get unlimited access to our entire library of resources and training courses with a no-obligation, 1 month free trial.

Search through our downloadable templates and resources

Try our on demand training

See how GovernorHub can help you manage the work of your board

Already a member? Log in

The UK GDPR: summary

The UK General Data Protection Regulation (UK GDPR) determines how your school must process and store personal data. Understand the main requirements and what you need to be aware of as a governor.

What is the UK GDPR?

Why do governors need to know about it?

Want to read this?

Read next

Also in "Data protection and the GDPR"