Offering clear and practical guidance on the UK Data (Use and Access) Act 2025, this webinar is designed to support providers to understand key legal changes and implementation policies to ensure they remain compliant. It will focus on the direct impact of the new legislation on areas like handling subject access requests, data for research, and marketing activities.
The UK’s data protection landscape is evolving. With the new Data (Use and Access) Act 2025, professionals in the education sector must understand key changes to stay compliant and protect personal data. This one-hour webinar will cut through the legal jargon and provide a clear, practical guide to the new legislation, focusing on its direct impact on schools, colleges, and training providers.
During this short webinar, the following topics will be covered:
Subject Access Requests (DSARs): Discover how the new law codifies the “reasonable and proportionate search” principle, empowering you to manage complex requests more effectively and reduce administrative burden.
Research and Data: Understand the clarified legal meanings of “scientific research,” “historical research,” and “statistical purposes” and what this means for reusing data for research within your institution.
Consent and Your Privacy Notices: We’ll explore the updated approach to consent for scientific research and how it might apply to your institution’s work.
Recognised Legitimate Interests: We’ll examine the new list of “recognised legitimate interests” and its limited but important application in the education sector, particularly for safeguarding and public interest activities.
Processing for Research and Archiving: Learn about the new safeguards for processing data for research, archiving, and scientific/historical purposes, ensuring you remain compliant while carrying out vital work.
Cookies and Marketing: We’ll break down the slightly relaxed cookie consent rules and how the “soft opt-in” for email marketing has been extended to charities, and what that means for your institution’s fundraising and engagement activities.
Increased Fines: We’ll highlight the alignment of maximum fines under the Privacy and Electronic Communications Regulations (PECR) with UK GDPR, underscoring the importance of getting this right.
Key takeaways include:
A clear understanding of the new Data (Use and Access) Act 2025.
Practical steps to update your institution’s data protection policies and procedures.
Actionable guidance on handling subject access requests and managing data for research.
Confidence in your ability to navigate the new data protection landscape and ensure compliance.
Register now to secure your spot!
Based in Edinburgh, Trevor leads Shakespeare Martineau Data Protection and Privacy practice. He is triple-qualified as a solicitor in Scotland, England & Wales, and British Columbia (non-practising status) and is also a Law Society of Scotland Certified Specialist in Cyber Security. With 18 years’ experience both in-house and in private practice, Trevor advises clients on data protection and privacy (especially GDPR and PECR), commercial contracts, and small business mergers and acquisitions.
.
12:15 – 13:15 | Live webinar
(Agenda subject to change)