ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

UK-DPA-2018

UK DPA 2018 compliance regulation modern detailed.

Definition

UK DPA 2018 (Data Protection Act 2018) is the UK national legislation transposing + completing EU GDPR for UK ; post-Brexit (UK officially left EU 31 January 2020, transition period ended 31 December 2020), DPA 2018 + 'UK GDPR' (UK retained amended version of EU GDPR) constitute the UK data protection legal framework ; EU adequacy decision UK valid until 27 June 2025 (will be renewed + Data (Use and Access) Bill 2024+ proposed UK additional data protection reforms - debate ongoing). Technical detail + application scope + compliance obligations + non-compliance sanctions + reporting processes + impact on in-scope companies + alignment with adjacent national + international regulations + governance + supervisory authorities + implementation timeline + transitions + case law + industry best practices documentation adoption.

Origin

UK DPA 1998 first version ; UK DPA 2018 replaced ; UK GDPR (retained version) effective post-Brexit 1 January 2021 ; EU adequacy decision valid until 27 June 2025 + likely renewed.

Example in context

UK retailer Marks + Spencer processes ~30M UK + EU customers personal data: (1) UK customers protected by UK DPA 2018 + UK GDPR, (2) EU customers protected by EU GDPR + Standard Contractual Clauses for cross-border UK->EU transfers (EU-to-UK transfers covered by EU adequacy decision UK until 2025), (3) ICO (Information Commissioner's Office) UK data protection regulator + EU DPAs counterparts cooperation on cross-border issues.

  • GDPR v3 — EU equivalent regulation.

Last updated: May 16, 2026