The General Data Protection Regulation (EUGDPR) is a European legal framework that came into effect on May 25, 2018. The UK subsequently adopted it following Brexit – this is where you may hear the term “the UKGDPR.”
The GDPR focuses on protecting, collecting and managing personal data (i.e. personally identifiable information). All companies and organizations in the UK or EU must comply if they hold or otherwise process personal data (including sole traders) of people in the UK or EU. This can even apply to companies outside the UK or EU that offer goods or services to the individuals in the UK or EU.