UK Website Guides
112+ practical guides on UK GDPR, PECR, accessibility under the Equality Act 2010, ICO enforcement and UK e-commerce law — written for small businesses on this side of the Channel.
Editor's picks
Free Stock Photo Sources for Business Websites
Find free stock photo sources that are safe for commercial use on your business website. Unsplash, Pexels, Pixabay and more, with license details.
9 min read
Editor's pickAI-Built Website Liability Under UK Law
ICO enforces UK GDPR, PECR and Equality Act against the site owner, not Cursor, Lovable or the developer. EU PLD doesn't apply post-Brexit.
9 min read
Browse by topic
GDPR & Privacy
AI-Built Website Liability Under UK Law
UpdatedICO enforces UK GDPR, PECR and Equality Act against the site owner, not Cursor, Lovable or the developer. EU PLD doesn't apply post-Brexit.
9 min read · Updated May 2026
Complete GDPR Website Audit: Step-by-Step Checklist
UpdatedA step-by-step GDPR audit checklist for your website. Check cookies, tracking, privacy policy, forms, third-party services and security in one pass.
10 min read · Updated Apr 2026
Contact Form GDPR Requirements: Article 13 Compliance
UpdatedWhat a GDPR-compliant contact form needs: Article 13 information, the right legal basis (legitimate interest vs precontractual), unchecked boxes, retention.
9 min read · Updated May 2026
Cookie banner dark patterns: ICO PECR enforcement 2026
UpdatedThe 12 cookie banner dark patterns per EDPB taxonomy. ICO top-100 letter campaign, PECR enforcement and what the scanner detects after clicking reject all.
9 min read · Updated May 2026
Cookie Banner Requirements Under EU Law (2026 Guide)
UpdatedCookie banner requirements in the EU 2026: reject equal to accept, no dark patterns, prior consent. EDPB Guidelines 05/2020 explained.
9 min read · Updated May 2026
Cookie consent in the UK: ICO rules your website must follow
UpdatedCookie consent rules for UK websites. PECR Regulation 6 requirements, ICO guidance, what 'strictly necessary' means and how to test your banner.
12 min read · Updated May 2026
Data Breach Reporting Under GDPR: 72-Hour Notification
UpdatedReport a personal data breach under GDPR Article 33: the 72-hour clock, when notification is required, what to file and when to tell affected individuals.
10 min read · Updated May 2026
Data Processing Agreement (DPA): Article 28 GDPR Guide
UpdatedWhen a third-party service needs a Data Processing Agreement under GDPR Article 28: required clauses, common processors and how to handle DPA refusal.
8 min read · Updated May 2026
Do I Need a Cookie Banner on My UK Website?
UpdatedDo UK websites need a cookie banner? Yes if you run Google Analytics, Facebook Pixel or any tracking. What PECR Regulation 6 and the ICO actually require.
10 min read · Updated May 2026
Do I Need a Cookie Banner? EU Decision Guide
UpdatedSimple decision guide for EU businesses: when does your website actually need a cookie banner? Three questions to find out, with the legal basis explained.
8 min read · Updated May 2026
GDPR Compliance Checklist for Your Website (2026)
UpdatedA practical GDPR checklist for small business websites. Check cookies, privacy policy, consent forms, and tracking scripts.
12 min read · Updated Apr 2026
GDPR compliance for UK businesses: website checklist 2026
UpdatedGDPR compliance for UK businesses in 2026: nine website obligations under UK GDPR and PECR. Privacy notice, cookie consent, ICO fee, Companies House details.
11 min read · Updated May 2026
GDPR Data Retention Periods: Article 5(1)(e) Guide
UpdatedHow long can you keep personal data under GDPR? The Article 5(1)(e) storage limitation principle and retention periods by data category for EU businesses.
9 min read · Updated May 2026
GDPR for UK Hotel Websites: Booking Data, Loyalty and CCTV
UpdatedUK GDPR for hotels in 2026. Hotel booking data, passport scans, dietary needs, loyalty programmes, CCTV and what the ICO checks on hospitality sites.
10 min read · Updated May 2026
GDPR for UK Restaurant Websites: Data, Bookings, and Consent
UpdatedUK GDPR and PECR for restaurant websites: bookings, email signups, cookies, payment data. ICO guidance with examples.
8 min read · Updated May 2026
GDPR Records of Processing: Article 30 Template
UpdatedBuild the Article 30 GDPR record of processing activities. Who is exempt, what to include, controller vs processor versions and a ready-to-fill template.
8 min read · Updated May 2026
Google Analytics and GDPR: Is GA4 Legal in the EU? (2026)
UpdatedCan you use Google Analytics 4 in the EU? The consent requirement, the EU-US DPF transfer mechanism, Consent Mode v2 limits and cookieless alternatives.
10 min read · Updated May 2026
How to Write a UK Privacy Policy: Generator and Guide
UpdatedHow to write a UK GDPR privacy policy. Article 13 disclosures, Companies House details, UK representative rules, the ICO, PECR cookies and DUAA 2025.
12 min read · Updated May 2026
ICO investigation process: what UK firms can expect
UpdatedICO investigation: information notices, 30-day deadlines, formal investigations, fine decisions and appeal routes.
9 min read · Updated May 2026
Is a website trustworthy? 10 signals to check in 2026
UpdatedPractical checks to verify a website is legitimate in 2026. HTTPS, privacy policy, Companies House registration, contact details and certificate validation.
10 min read · Updated May 2026
UK GDPR Article 32: Website Security the ICO Expects
UpdatedUK GDPR Article 32 explained. What ICO security expectations look like, NCSC technical guidance, encryption, access controls and the patch-timing rules.
9 min read · Updated May 2026
UK GDPR fines under the ICO: what penalties look like
UpdatedICO fine bands under UK GDPR: up to £17.5M or 4% of global turnover. Marriott, BA and TikTok cases explained. What SMBs realistically face.
10 min read · Updated May 2026
UK GDPR for Charities: Fundraising, Volunteers, Donor Data
UpdatedUK GDPR for charities in 2026. Fundraising consent, donor data, Gift Aid records, volunteer information and what the Fundraising Regulator now expects.
11 min read · Updated May 2026
UK GDPR vs EU GDPR after Brexit for UK businesses
UpdatedUK GDPR vs EU GDPR for British SMEs in 2026. The Data (Use and Access) Act 2025, PECR cookies, ICO enforcement and when you still need an EU representative.
16 min read · Updated May 2026
UK GDPR vs EU GDPR: Brexit and DUAA 2025 changes
UpdatedUK GDPR vs EU GDPR differences in 2026: when each applies, what the DUAA 2025 changed, adequacy status and dual compliance for UK firms selling to the EU.
10 min read · Updated May 2026
UK website privacy notice requirements after DUAA (2026)
UpdatedThe 14 mandatory elements of a UK GDPR privacy notice. DUAA 2025 changes, new complaint mechanism, recognised legitimate interests and ICO checklist for SMEs.
6 min read · Updated Apr 2026
What the ICO Actually Checks on Your Website in 2026
UpdatedConcrete list of what the ICO checks when a complaint about your UK website lands on its desk. Cookie banner, privacy notice, SAR, breach notification.
11 min read · Updated May 2026
YouTube Embed and GDPR: Cookie-Free Approaches
UpdatedStandard YouTube embeds place tracking cookies before consent. Two compliant patterns under GDPR: youtube-nocookie.com and click-to-load facade, with code.
7 min read · Updated May 2026
Cookie-Script Alone Isn't Enough: What a Full Scan Reveals
UpdatedCookie-Script handles PECR consent well, but a full website audit catches everything it misses: data leaks, image copyright, accessibility and SSL issues.
7 min read · Updated May 2026
Double Opt-in in the UK: Required, Recommended or Optional?
UpdatedIs double opt-in required in the UK? What PECR Reg 22 and the ICO say, how UK practice differs from German Bestätigungsverfahren and when to use it.
8 min read · Updated May 2026
GDPR Fines for Small Businesses: Real Cases and Amounts
UpdatedReal GDPR fines for small businesses run from about 1,000 to 50,000 EUR. See published regulator decisions, what triggers enforcement and how to avoid it.
9 min read · Updated May 2026
GDPR for accountants in the UK: ICAEW, ACCA & AML
UpdatedGDPR for UK accountants. ICAEW/ACCA/AAT standards, MLR 2017 anti-money laundering, client confidentiality, ICO breach notification, and website rules.
9 min read · Updated May 2026
GDPR for dental practices in the UK
UpdatedUK GDPR for dental practices in 2026. Patient data as special category, GDC registration, NHS record retention, online booking and breach notification.
5 min read · Updated May 2026
GDPR for estate agents in the UK: Propertymark & AML
UpdatedGDPR for UK estate agents. Propertymark, MLR 2017 anti-money laundering, viewings, photography, tenancy data, ICO breach notification, and website rules.
7 min read · Updated May 2026
GDPR for hair & beauty salons in the UK: NHBF guide
UpdatedGDPR for UK hair and beauty salons. Treatwell, Phorest, Fresha booking platforms, patch-test records, ICO breach rules, and website compliance.
12 min read · Updated May 2026
GDPR for physiotherapists in the UK: CSP & HCPC
UpdatedGDPR for UK physiotherapy practices. CSP, HCPC, ICO data fee, patient-record retention, online booking, and ICO breach notification under UK GDPR.
14 min read · Updated May 2026
GDPR for UK solicitors: SRA, Law Society, ICO rules
UpdatedUK GDPR for solicitors. SRA Standards, Law Society guidance, LPP overlap, MLR 2017 retention and website compliance.
5 min read · Updated May 2026
GDPR for veterinary practices in the UK: RCVS & ICO
UpdatedGDPR for UK veterinary practices. RCVS Code, pet-owner data, clinical-record retention, online booking, payment, and breach notification under UK GDPR.
14 min read · Updated May 2026
Newsletter Signup Forms: UK GDPR and PECR Requirements
UpdatedWhat a UK newsletter signup form must do under PECR Reg 22 and UK GDPR Art 7. Consent wording, opt-in vs opt-out, source records and ICO evidence rules.
9 min read · Updated May 2026
Pre-Ticked Checkboxes: Why They Fail UK Consent Rules
UpdatedWhy pre-ticked checkboxes fail UK consent rules. PECR Reg 6, UK GDPR Art 7, the Planet49 ruling and what the ICO checks on cookie banners and signup forms.
8 min read · Updated May 2026
Third-party tracking on UK websites: find and consent
UpdatedFind trackers (Google Analytics, Facebook Pixel, YouTube, Maps). UK PECR Reg 6 and UK GDPR Article 6 consent rules.
11 min read · Updated May 2026
Product Liability Directive 2024/2853: 9 Dec 2026
UpdatedDirective (EU) 2024/2853 makes software and AI 'products' for strict liability on 9 Dec 2026. What it means for SMBs, and what it does not change.
9 min read · Updated May 2026
The EU AI Act for Website Owners (2026)
UpdatedArticle 50 applies 2 Aug 2026. For most SMB sites it creates almost no new obligations. Here's the honest checklist before the deadline.
11 min read · Updated May 2026
Accessibility
Does the European Accessibility Act Apply to Your Business?
UpdatedThe EAA became enforceable in June 2025. Find out if it applies to your business, what it requires and what happens if you don't comply.
9 min read · Updated Apr 2026
EAA Penalties: What Happens If Your Website Isn't Accessible
UpdatedThe European Accessibility Act is enforceable. Here are the penalties for non-compliance and what enforcement looks like in practice.
9 min read · Updated May 2026
EHRC Investigations of Websites: When and How They Trigger
UpdatedHow the EHRC investigates UK website accessibility under the Equality Act 2006. Section 21 unlawful-act notices, what triggers them and how to respond.
10 min read · Updated May 2026
Equality Act 2010 damages: Vento bands for websites
UpdatedEquality Act 2010 damages for UK website accessibility claims. Vento bands for injury to feelings plus actual losses. Civil damages, not regulatory fines.
10 min read · Updated May 2026
Equality Act 2010: Website Accessibility for UK Businesses
UpdatedEquality Act website accessibility UK: section 20 reasonable adjustments, section 29 services duty, WCAG 2.2 AA as evidence of reasonableness.
8 min read · Updated May 2026
Free UK Accessibility Statement Template 2026 (WCAG 2.2 AA)
UpdatedFree UK accessibility statement template (WCAG 2.2 AA), copy-paste ready. Covers Equality Act 2010 reasonable adjustments and EHRC enforcement.
8 min read · Updated May 2026
WCAG 2.2 AA in UK law: how it fits Equality Act 2010
UpdatedWCAG 2.2 AA is not UK statute for private firms but is the benchmark UK courts and the EHRC apply under the Equality Act.
15 min read · Updated May 2026
Website accessibility and the Equality Act 2010
UpdatedThe EAA does not apply in the UK. Equality Act 2010 anticipatory duty, WCAG 2.1 AA as the de facto benchmark, EHRC enforcement and the public-sector PSBAR.
10 min read · Updated May 2026
5 quick accessibility wins for UK small business sites
UpdatedFive concrete fixes that take hours, not weeks, to implement and align your site with WCAG 2.1 and the Equality Act 2010.
7 min read · Updated May 2026
Accessibility Statement: What It Is and How to Write One
UpdatedAn accessibility statement shows your commitment to an accessible website. Here's what to include and a template you can use.
8 min read · Updated May 2026
Website Accessibility Overlays vs. Real Compliance
UpdatedAccessibility overlays promise a one-click fix but don't deliver. Learn why they fail and what actually works.
8 min read · Updated Apr 2026
Hotel Website Accessibility: EAA Booking Rules
UpdatedHotel booking systems need to work for everyone. Here's how to make your hotel website accessible and meet EAA requirements.
8 min read · Updated Apr 2026
PSBAR 2018: Accessibility Rules for Public Sector Suppliers
UpdatedPSBAR 2018 makes UK public sector bodies meet WCAG 2.2 AA and publish accessibility statements. What suppliers and procurement teams need to know in 2026.
9 min read · Updated May 2026
Security
My Website Says 'Not Secure'. Here's How to Fix It
UpdatedYour browser shows 'Not Secure' for your website? Here's what it means and how to fix it step by step.
6 min read · Updated Apr 2026
Website Hacked? UK Incident Response in the First 72 Hours
UpdatedWebsite hacked? UK incident response in the first 72 hours. ICO Article 33 notification, Article 34 user alerts, Action Fraud reporting and NCSC steps.
9 min read · Updated May 2026
Website Security Checklist: 10 Things to Check Today
UpdatedA practical security checklist for small business websites. 10 things you can check and fix today without technical expertise.
8 min read · Updated Apr 2026
GDPR Requires a Secure Website: What You Need to Know
UpdatedGDPR Article 32 requires you to protect personal data with appropriate security. Here's what that means for your website.
8 min read · Updated Apr 2026
How to verify WordPress plugin security: NVD and CVE
UpdatedLearn how UK site owners can check if WordPress plugins are genuinely vulnerable. NVD, Wordfence, Patchstack and ICO Article 32 guidance explained.
9 min read · Updated May 2026
Vulnerable WordPress Plugins: How to Check and Fix Them
UpdatedVulnerable WordPress plugins are the top attack vector for small business sites and a GDPR Article 32 risk. How to check, patch and audit your plugins.
7 min read · Updated Apr 2026
Website Hacked? Here's What to Do Right Now
UpdatedYour website has been hacked or shows signs of malware. Here are the steps to take right now to contain the damage and get back online.
10 min read · Updated Apr 2026
What Does a Website Security Scan Check?
UpdatedWhat a website security scan actually checks: SSL, headers, vulnerable libraries, outdated CMS and more. Learn what the results mean and how to fix issues.
11 min read · Updated Apr 2026
When your domain expires: UK and generic TLD timelines
UpdatedDomain expiry follows different rules for UK and generic TLDs. Exact timelines, suspension periods, redemption costs, prevention.
10 min read · Updated May 2026
SSL Certificate: What It Is, Why You Need It
UpdatedAn SSL certificate encrypts data between your website and visitors. Here's what it does, why you need one and how to get one for free.
7 min read · Updated May 2026
Legal Pages
Company website trading disclosures in the UK (2026)
UpdatedMandatory website disclosures for UK companies. Companies Act 2006 s.82, E-Commerce Regulations 2002 and the s.83 contract enforcement stick.
6 min read · Updated Apr 2026
ODR Platform Abolished: Remove the Link From Your Website
UpdatedODR platform abolished July 2025. If your website still links to the EU Online Dispute Resolution platform, here is what to do.
11 min read · Updated Apr 2026
Companies House number on Google Business Profile?
UpdatedCompanies House number on Google Business Profile: UK law names the website, not GBP. Put it there anyway. Companies Act 2006 s.82-83 explained.
9 min read · Updated May 2026
Germany: §5 DDG Replaced §5 TMG, Update Your Impressum
UpdatedThe German TMG was replaced by the DDG in 2024. If your Impressum still references TMG, here is what changed and how to update it.
11 min read · Updated Apr 2026
E-Commerce
CDPA 1988: how UK image infringement claims work
UpdatedHow CDPA 1988 applies to UK website image claims. Sections 16 and 17, damages under s.96-97, the notional licence fee and the IPEC vs High Court routes.
11 min read · Updated May 2026
Companies House website disclosures under UK law
UpdatedWhat a UK limited company site must show under Companies Act 2006 s.82, the 2015 Trading Disclosures Regs and E-Commerce Regs 2002.
12 min read · Updated May 2026
Consumer Rights Act 2015: What UK Websites Must Disclose
UpdatedMandatory disclosures for UK e-commerce under the Consumer Rights Act 2015 and Consumer Contracts Regulations 2013, and what Trading Standards enforce.
10 min read · Updated May 2026
DMCCA 2024: 10% Turnover Fines for Dark Patterns on UK Sites
UpdatedDMCCA 2024 gives the CMA power to fine UK sites up to 10% of global turnover for drip pricing, fake reviews and subscription traps. What's prohibited and when.
9 min read · Updated May 2026
DMCCA fines 2025: 10% of global turnover for UK firms
UpdatedDMCCA fines 2025: 10% global turnover for UK firms, £300,000 for individuals, plus daily continuing-breach penalties.
9 min read · Updated May 2026
PicRights UK Letter: How Much to Actually Pay (Step-by-Step)
UpdatedGot a PicRights UK letter? Realistic settlements are £150-£800, not the demand amount. How to verify the claim under CDPA 1988 and respond.
10 min read · Updated May 2026
UK online cancellation: DMCCA 2024 and CCRs 2013
UpdatedUK online cancellation 2026: CCRs 2013 14-day cooling-off, DMCCA 2024 subscriptions and CMA powers up to 10% turnover.
5 min read · Updated Apr 2026
"Buy Now" vs "Order": Why Your Button Text Matters Legally
UpdatedEU law requires specific wording on order buttons. The wrong text could make your orders non-binding. Here's what your checkout button must say.
7 min read · Updated Apr 2026
EU Checkout Rules: Button Text, Pricing, Consent
UpdatedEU checkout rules under Directive 2011/83/EU: order button text, price display, withdrawal rights and consent before the customer clicks Buy.
10 min read · Updated Apr 2026
EU Consumer Rights for Online Sellers: Plain-Language Guide
UpdatedEU consumer rights for online sellers: the 14-day withdrawal right, Omnibus pricing rules and pre-contractual disclosures in plain language.
9 min read · Updated May 2026
UK Order-Button Labels: 'Order and Pay' Rules in 2026
UpdatedWhat UK law says about the order-confirmation button. Consumer Contracts Regs 2013 Reg 14, CRA 2015, DMCCA 2024 and what 'order with obligation to pay' means.
8 min read · Updated May 2026
EU 14-Day Right of Withdrawal: Rules, Exceptions & Refunds
UpdatedEU 14-day right of withdrawal explained: when it starts, 8 exemptions, 14-day refund deadline, 12-month penalty for not informing buyers.
9 min read · Updated May 2026
EU Omnibus Price Display: The 30-Day Prior Price Rule
UpdatedThe EU Omnibus Directive's price-display rule requires showing the lowest price from the past 30 days when you advertise any discount. Here is what counts.
9 min read · Updated May 2026
Email Marketing
Is Double Opt-in Required? It Depends on the Country
UpdatedIs double opt-in required? Yes in Germany, recommended in Austria, optional elsewhere. What ePrivacy and GDPR say per country.
9 min read · Updated May 2026
Newsletter Signup Forms: GDPR Requirements
UpdatedYour newsletter signup form needs more than a checkbox. Here are the GDPR rules for email consent, what to store and how to avoid common mistakes.
9 min read · Updated May 2026
Pre-checked Signup Boxes Are Illegal: Here's Why
UpdatedPrechecked checkbox illegal under GDPR: the CJEU Planet49 ruling (C-673/17) confirms pre-ticked boxes do not produce valid consent. What to fix on your forms.
10 min read · Updated May 2026
SPF, DKIM and DMARC: Email Security in Plain Language
UpdatedSPF, DKIM and DMARC explained simply. Learn what they do, why you need them and how to set them up for your domain.
7 min read · Updated May 2026
Why Your Business Emails End Up in Spam (And How to Fix It)
UpdatedBusiness emails landing in spam? You're probably missing SPF, DKIM or DMARC records. Here's what they are and how to set them up.
8 min read · Updated Apr 2026
Email Marketing Consent: Country-by-Country Rules
UpdatedEmail marketing rules differ across Europe. Here are the consent requirements for the Netherlands, Germany, UK, Belgium and more.
11 min read · Updated Apr 2026
EU Soft Opt-in: Email Customers Without Consent
UpdatedThe soft opt-in lets you email existing customers without explicit consent. But strict conditions apply. Here's how it works.
8 min read · Updated May 2026
Images & Copyright
Are Copytrack and PicRights Claims Legitimate? (EU Guide)
UpdatedHow to verify whether a Copytrack or PicRights copyright claim is legitimate under EU law: the mandate test, the originality test and what to do next.
7 min read · Updated May 2026
Getty Images letter UK: CDPA 1988 response guide
UpdatedGetty Images letter on a UK website? What CDPA 1988 says, how IPEC handles single-image claims and how to respond without overpaying.
12 min read · Updated May 2026
How Much Does a Copyright Claim Actually Cost? (EU)
UpdatedHow much a copyright claim costs in the EU: real settlement ranges for Getty Images, Copytrack and PicRights demands plus what drives the price up or down.
7 min read · Updated May 2026
Should you ignore a copyright demand letter?
UpdatedNever ignore a copyright demand letter from Getty, Copytrack or any image holder. Here's what to do instead and how UK courts handle these claims.
8 min read · Updated May 2026
AI-Generated Code and Open-Source Licences (UK)
UpdatedCopilot or Cursor wrote GPL code into your site. UK Consumer Protection Act, not the EU PLD. What Doe v. GitHub decided and what to do about it.
10 min read · Updated May 2026
AI-Generated Images on UK Business Websites (2026)
UpdatedGetty v Stability AI was narrower than the headlines. The four risk layers a UK SMB owner should check before publishing AI-generated images.
10 min read · Updated May 2026
Food photos on UK restaurant menus: CDPA 1988 rules
UpdatedFood photos from the internet are nearly always copyrighted under CDPA 1988. Using one without permission risks a demand letter.
6 min read · Updated May 2026
Free Stock Photo Sources for Business Websites
UpdatedFind free stock photo sources that are safe for commercial use on your business website. Unsplash, Pexels, Pixabay and more, with license details.
9 min read · Updated May 2026
How to Scan Your Website for Copyrighted Images
UpdatedLearn how to find copyrighted images on your website before enforcement agencies do. Manual and automated methods to check every image.
6 min read · Updated May 2026
Salon portfolio photos: copyright and client consent
UpdatedBefore/after salon photos create two legal issues: copyright ownership and GDPR consent. Here's who owns the photo and what permission you need.
10 min read · Updated May 2026
Image Licensing: UK Law vs EU Law After Brexit
UpdatedImage licensing UK vs EU after Brexit: CDPA 1988 against the DSM Directive, the UK orphan works route and what UK image claim letters look like.
11 min read · Updated May 2026
Consumer Rights
CMA investigations under DMCCA 2024: UK guide 2026
UpdatedDMCCA 2024 gave the CMA direct enforcement over UK online businesses. What triggers a CMA investigation, how the process runs and what you owe in 2026.
8 min read · Updated May 2026
UK VAT Display Rules for Websites: What You Must Show
UpdatedUK consumer websites must display VAT-inclusive prices under CPUTRs 2008 and HMRC pricing guidance. Read which display formats are compliant and which are not.
7 min read · Updated May 2026
Images
When is your business liable for unlicensed images?
UpdatedIf your web designer used copyrighted images without permission, your business is usually liable. Here's what UK law says and how to protect yourself.
11 min read · Updated May 2026
How Our Image Copyright Check Tool Detects Unlicensed Photos
UpdatedOur image copyright check tool detects stock photo CDN matches, embedded metadata and watermark traces on every page of your website. Here is how it works.
9 min read · Updated May 2026
Legal Requirements
Privacy
Data (Use and Access) Act 2025: UK website changes
UpdatedData (Use and Access) Act 2025 reforms UK GDPR and the DPA 2018 from Royal Assent on 19 June 2025. What changes for UK websites and what stays the same.
9 min read · Updated May 2026
DPA 2018 vs UK GDPR: Which Law Applies to Your Website?
UpdatedThe DPA 2018 and UK GDPR work together but cover different ground. Which applies to your website, when DPA exemptions bite and how they interact in 2026.
10 min read · Updated May 2026
Legitimate interests for marketing: UK GDPR LIA test
UpdatedLegitimate interests under UK GDPR Article 6(1)(f). How UK businesses pass the three-part LIA test for marketing and when PECR consent rules still apply.
8 min read · Updated May 2026