UK GDPR: The United Kingdom General Data Protection Regulation - the primary data protection legislation in the UK post-Brexit, setting out the key principles, rights and obligations for processing personal data in the UK
DPA 2018: The Data Protection Act 2018 - the UK's implementation of data protection laws, working alongside and supplementing the UK GDPR
PECR: Privacy and Electronic Communications Regulations 2003 - UK regulations governing electronic communications, including rules on cookies, marketing calls, emails, and texts
EU GDPR: European Union General Data Protection Regulation - must be considered when dealing with EU residents or operating in EU territories
CCPA/CPRA: California Consumer Privacy Act and California Privacy Rights Act - key US state privacy laws affecting businesses dealing with California residents
LGPD: Lei Geral de Protecao de Dados - Brazil's General Data Protection Law that regulates the processing of personal data in Brazil
PIPL: Personal Information Protection Law - China's comprehensive data protection law governing the processing of personal information of individuals in China
ePrivacy Directive: European directive setting specific privacy requirements for electronic communications sector, particularly relevant for cookies and digital marketing
International Data Transfers: Requirements for transferring data internationally including UK adequacy decisions, Standard Contractual Clauses (SCCs), and Binding Corporate Rules (BCRs)
ICO Guidelines: Regulatory guidance from the Information Commissioner's Office - the UK's data protection authority providing practical guidance on implementing data protection requirements
EDPB Guidelines: European Data Protection Board guidelines providing consistent interpretation of data protection rules across the European Economic Area
Industry Regulations: Sector-specific regulations that may impose additional data protection requirements for particular industries such as financial services or healthcare
