Guide to the General Data Protection Regulation (GDPR)


Key Questions: Who and what does the General Data Protection Regulation (GDPR) apply to? What rights does the GDPR provide?

The Guide to the GDPR explains the provisions of the GDPR to help organisations comply with its requirements. It is for those who have day-to-day responsibility for data protection. This is a living document and is constantly being updated and expanded in key areas by the Information Commissioner's Office (ICO).  It includes links to relevant sections of the GDPR itself, to other ICO guidance and to guidance produced by the EU’s Article 29Working Party. The Working Party includes representatives of the data protection authorities from eachEU member state, and the ICO is the UK’s representative.


  • Introduction
  • What's new
  • Key definitions
  • Princples
  • Lawful basis for processing
  • Individul rights
  • Accountability and governance
  • Security
  • International transfers
  • Personal data breaches
  • Exemptions
  • Appliactions 
Contact Person/Organization: 

Information Commissioner's Office (ico.)

Type of Tool:

Publication Date: 

General Data Protection Regulation in 97 seconds