The GDPR (General Data Protection Regulation) is Europe's new framework for data protection laws – it replaces the previous 1995 data protection directive, which current UK law is based upon. In May 2018 it was adopted into UK law and incorporated into the Data Protection Act 2018. It will remain as part of UK law after Brexit in 2019.

In response to this new regulation the Trust adopted the following documents in April 2018: