Wednesday 10th September, 12pm UK | The Data (Use and Access) Act 2025 has introduced the most significant changes to UK data protection since UK GDPR came into force.
While the DUAA does not replace the UK GDPR, DPA 2018, or PECR, it fundamentally reshapes how organisations process personal data, manage subject access, handle cookies, and apply legitimate interests.
From broad consent in scientific research to new “recognised legitimate interests”, a reformed approach to automated decision-making, and expanded cookie exemptions, the DUAA aims to reduce burdens while maintaining high standards of data protection.
However, these reforms are complex, with staged implementation, new requirements for children’s services, higher PECR fines, and further changes around international transfers.
Join us for this one-hour live webinar, where VinciWorks compliance experts will break down the practical impact of the DUAA on your data protection strategy. We’ll cover how you can adapt existing GDPR and DPA 2018 compliance frameworks, avoid missteps, and ensure your organisation is prepared for the future of data protection.
The webinar will cover:
- What the DUAA changes (and what it leaves intact)
- Research, broad consent and new lawful bases for processing
- Changes to subject access rights and proportionality
- Cookie rules, soft opt-in for charities, and PECR fines
- Automated decision-making and AI compliance under the DUAA
- Data transfers and adequacy under the new “data protection test”
- Best practice preparation steps and DUAA readiness checklist
