Changeflow GovPing Government ICO Guidance on Individual Rights and GDPR
Routine Guidance Amended Final

ICO Guidance on Individual Rights and GDPR

ICO GDPR Guidance
Detected February 6th, 2026
Email Set alert

Summary

The UK's Information Commissioner's Office (ICO) has updated its guidance on individual rights under GDPR. This update is in anticipation of the Data (Use and Access) Act 2025 and indicates that further changes may occur. The guidance is primarily aimed at large businesses.

View original document View source feed page

What changed

The Information Commissioner's Office (ICO) has issued updated guidance concerning individual rights under the UK GDPR. This guidance is currently under review due to the upcoming Data (Use and Access) Act 2025, with potential for further revisions. The document provides detailed information on privacy notices, subject access requests (SARs), the right to be informed, automated decision-making, and profiling, alongside resources for businesses.

While this guidance is non-binding, it outlines best practices for compliance with data protection regulations. Organisations, particularly large businesses in the public, private, and third sectors, should review this guidance to ensure their data handling practices align with current and anticipated requirements. Small businesses are directed to separate resources. The ICO has indicated that this guidance may be subject to change as legislative developments occur.

Related changes

ICO Decision Notice: Public Authority Failed FOI Request
Priority review Mar 06, 2026 ICO Decision Notices Data Protection
ICO Upholds FOI Complaint Against Hackney Council
Routine Mar 06, 2026 ICO Decision Notices Data Protection
ICO Rules BFI Requests Vexatious, No Further Action
Routine Mar 06, 2026 ICO Decision Notices Data Protection
Svoboda v. Amazon.com Inc. - Biometric Information Privacy Act Class Action
Priority review Mar 07, 2026 7th Circuit Court of Appeals Federal Courts
AEPD Fines ORNITOLÓGICA DE ANDALUCÍA FOA 131,801 Euros for GDPR Violation
Priority review Mar 07, 2026 AEPD Resolutions (Spain DPA) Data Protection
AEPD Archives Proceedings Against Orange Spain Regarding Portability
Priority review Mar 07, 2026 AEPD Resolutions (Spain DPA) Data Protection

Source

ICO GDPR Guidance ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources
Government
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Information Commissioner's Office
Instrument
Guidance
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Employers Public companies Retailers
Geographic scope
National (UK)

Taxonomy

Primary area
Data Protection
Operational domain
Compliance
Topics
GDPR Individual Rights

Browse Categories

Federal Courts 27 State Courts 105 Securities Regulation 2 Financial Regulation 24 Consumer Protection 2 Drug Safety 15 Data Protection 10 Competition 2 Attorneys General 3 Insurance Regulation 3 Trade & Export 38 Legislation 39 Government 98 Energy Regulation 6 Environment 3 Labor & Employment 2 Tax 1

Get Government alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.