Conversion to UK version of GDPR

Yes, UK GDPR is shaped by EU GDPR. You need to assess whether your organization falls under the scope of both regulations or not because both EU GDPR and UK GDPR have extraterritorial applications.

Therefore, if you need to comply with EU GDPR and UK GDPR in the normative section you can add UK GDPR and UK Data Protection Act 2018 as legislative references in the policies and in the documentation, while if you need to comply with UK GDPR you can replace all EU GDPR references with the UK GDPR.

For more information, see:

• What is the EU GDPR and why is it applicable to the whole world? https://advisera.com/eugdpracademy/knowledgebase/what-is-the-eu-gdpr-and-why-is-it-applicable-to-the-whole-world/
• Useful resources for complying with EU GDPR https://advisera.com/eugdpracademy/knowledgebase/useful-links/
• How to comply with EU GDPR, UK GDPR and Data Protection Act https://advisera.com/eugdpracademy/blog/2021/05/25/how-to-comply-with-eu-gdpr-uk-gdpr-and-data-protection-act/

You can also consider enrolling in this free EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/

Thanks for your response. Would you say that if a policy is already designed to comply with EU GDPR, then simply amending the language to also reference UK GDPR is sufficient? In other words, is the only change required to specify that it’s UK, but no actual substantive changes to the policy are needed?

Yes, that is right. Of course, I suggest you monitor the Information Commissioner Officer (you can subscribe to the newsletter which is good) if any change in the legislation happens. Now, the UK GDPR is mirroring the EU GDPR (it was a condition to benefit from the adequacy decision for data transfer between the UK and the EU), but in the future things may change.