UK DPA

What is the UK DPA?


The UK Data Protection Act 2018 (UK DPA) is the UK’s most comprehensive data protection law. It was passed to align the national legislation with the EU GDPR while the UK was still an EU member state.

The UK DPA’s text is essentially the same as the EU GDPR. It imposes the same requirements on businesses and grants data subjects the same rights.

The data subject rights include:

  • Right to be informed
  • Right to access
  • Right to delete
  • Right to correction of data
  • Right to object to processing
  • Right to restrict processing
  • Right to data portability
  • Right not to be part of automated decision-making.

The most important obligations for businesses involve ensuring that their processing has a legal basis, processing only the minimum amount of data for the identified purposes, and keeping the data safe.

Every business must determine what data security measures are most appropriate for their processing operations and implement them. Such measures shall ensure that the data is safe and prevent data breaches.

MergeBase and the UK DPA

The UK GDPR applies to MergeBase when we work with customers from the UK. However, we don’t just follow UK rules; we also make sure to meet the data protection standards set by the EU GDPR. This means that all our data handling aligns with these important laws.

We don’t stop there, though. We also help our customers understand and follow UK privacy laws. So, not only does MergeBase stick to these data protection rules, but we also guide our customers to do the same, ensuring everyone is on the right track with UK data privacy standards.

How Can MergeBase Help You Comply with the UK DPA

Our expertise ensures the data you handle is secure and private. You’ll put technical safeguards for data security in place, and we’ll ensure they’re working correctly.

In particular, we can help you follow the rule of using only as much data as necessary. We do this by reducing risks in open-source components, identifying and removing unnecessary or outdated parts of your software, and reducing the risk of exposing sensitive data before it can be secured.

Additionally, our regular vulnerability reports and constant monitoring will help you meet strict data security standards and prevent data leaks.