http://www.legislation.gov.uk/id/ukpga/2025/18

Part 1Access to customer data and business data

Supplementary

20Restrictions on processing and data protection

(1)

Except as provided by subsection (2), regulations under this Part may provide for the processing of information in accordance with the regulations not to be in breach of—

(a)

any obligation of confidence owed by the person processing the information, or

(b)

any other restriction on the processing of information (however imposed).

(2)

Regulations under this Part are not to be read as authorising or requiring processing of personal data that would contravene the data protection legislation (but in determining whether particular processing of data would do so, take into account the power conferred or duty imposed by the provision of the regulations in question).

(3)

In this section—

“the data protection legislation” has the same meaning as in the Data Protection Act 2018 (see section 3(9) of that Act);

“personal data” has the same meaning as in that Act (see section 3(2) of that Act).