UK GDPR: UK General Data Protection Regulation - Primary legislation governing data protection rights and obligations in the UK post-Brexit
DPA 2018: Data Protection Act 2018 - The UK's implementation of data protection standards, complementing and working alongside UK GDPR
PECR: Privacy and Electronic Communications Regulations 2003 - Specific rules for electronic communications, including electronic marketing and cookies
ICO Guidelines: Information Commissioner's Office Guidelines - Official regulatory guidance on interpreting and implementing data protection requirements in the UK
EDPB Guidelines: European Data Protection Board Guidelines - While not binding post-Brexit, these remain influential in UK data protection practice
Right of Access: The right for individuals to request access to their personal data and obtain a copy of it (Subject Access Request)
Right to Rectification: The right for individuals to have inaccurate personal data rectified or incomplete data completed
Right to Erasure: Also known as 'right to be forgotten' - the right to have personal data erased in certain circumstances
Right to Restrict Processing: The right to restrict or suppress the processing of personal data in certain circumstances
Right to Data Portability: The right to receive personal data in a structured, commonly used format and to transmit that data to another controller
Right to Object: The right to object to the processing of personal data in certain circumstances, including direct marketing
Rights related to Automated Decision Making: The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects
