The General Data Protection Regulation (“EUGDPR”) is a European legal framework that came into effect on the 25th of May 2018. The UK subsequently adopted it following Brexit – this is where you may hear the term “the UKGDPR”.
The GDPR focuses on protecting, collecting, and managing personal data (i.e. data about individuals). It must be complied with by all companies and organisations in the UK or EU who hold or otherwise process personal data (including sole traders) of people in the UK or EU, and even companies outside the UK or EU that offer goods or services to the individuals in the UK or EU or who monitor their behaviour there.