The UK GDPR which is supplemented by the Data Protection Act 2018 (DPA 2018) together form the UK data protection regime. The UK GDPR is almost a word-to-word version of its EU counterpart.
Here are the notable differences between UK GDPR and EU GDPR:
| UK GDPR | EU GDPR | |
|---|---|---|
| Expanded scope | Includes personal data collected for national security, immigration, and intelligence services (with some exceptions) | Excludes personal data collected for national security, immigration, and intelligence services |
| Age of consent | 13 | 16 (could be 13, depending on Member State law) |
| Enforcing body | Information Commissioner’s Office (ICO) | European Data Protection Board (EDPB),European Commission, and Member State data protection authorities |