This self assessment tool can help you determine the data protection regime that applies to the data you process, now the UK’s transition period from the EU has ended.
There are four possible regimes under UK law that are regulated by the ICO:
- UK GDPR (the general UK regime)
- Frozen GDPR (the regime for non-UK data);
- DPA Part 3 (the law enforcement regime); and
- DPA Part 4 (the intelligence services regime)
In some cases, UK organisations may also have to comply with the EU GDPR. However, this will be regulated separately by EU authorities, and the UK has no regulatory role.