The General Data Protection Regulation (“EUGDPR”) is a European legal framework that became effective on May 25, 2018. The UK subsequently adopted it following Brexit – this is where you may hear the term the “UKGDPR”.
The purpose of the GDPR is to protect, collect, and manage personal data (i.e. data about individuals). It concerns all companies (including sole traders) in the UK or EU who hold or otherwise process personal data of people in the UK or EU. It also applies to companies outside the UK or EU that offer goods or services to individuals in the UK or EU or who monitor their behaviour there.