Services

AI Fraud Prevention & Decisioning

Driving Licence Endorsements

Facial Liveness

User Verification

ID Verification

Simplify Onboarding

Markets

Airside

Car Hire

Construction

Crypto & NFT Marketplace

Education

Fintech

Logistics

News

About us

Pricing

Get Access

The GDPR Anniversary: Why Data Privacy Still Matters…. Especially Now

Clara Benson

25 May 2025

2 mins read

25th May marks the anniversary of the General Data Protection Regulation (GDPR) the transformative legislation that redefined how personal data is protected, processed, and prioritised across Europe and the UK.

But this year, the anniversary lands against a new backdrop: the introduction of the Digital Unique Attributes (DUA) Bill. Together, these two frameworks represent not just a compliance obligation—but a once-in-a-generation opportunity to rebuild digital trust from the ground up.

 The Trust Wake-Up Call

Since its implementation in 2018, GDPR has shifted data privacy from a technical conversation to a boardroom priority. It established:

  • Stronger data subject rights

  • Mandatory breach notifications

  • Explicit consent requirements

  • A legal duty to build privacy into design

And while many businesses scrambled to comply, the real winners have been those that saw it for what it truly is: a blueprint for digital trust.

 Privacy Meets Precision

Now, in 2025, the UK government is going one step further with the DUA Bill. It proposes the creation of digitally verifiable unique attributes (like a driving licence number or NI number) that can be used securely across systems making it easier to verify identity without oversharing personal data.

 

Less data. More certainty. Real privacy.

This has huge implications for identity systems, onboarding platforms, and compliance-led businesses. It doesn’t replace GDPR, rather it builds on it, pushing the UK towards a privacy-preserving, interoperable identity ecosystem.

 

Why This Matters for Businesses in 2025

The GDPR laid the legal foundation.
The DUA Bill is about practical, scalable implementation.

For businesses, this means:

  • More control over identity verification processes

  • Reduced risk of fraud and impersonation

  • Minimised exposure of personal data

  • Streamlined, trust-first user experiences

But it also means rethinking how data is collected, verified, and shared, especially in sectors like finance, recruitment, construction, and logistics.

At Xertilox, we are building for this future.

  • We verify identity and documents directly into a reusable wallet

  • We use secure wallets and privacy-by-design architecture to store and manage personal data

  • You have control & transparency over who you digitally share your data with

  • We reduce onboarding time from weeks to minutes, without compromising compliance

  • And we have already built in DUA-style attributes, so we are ready to release them the moment they're legislated

This isn’t just about ticking boxes. It’s about helping our clients move faster, safer, and more transparently in a world where trust is the ultimate currency.

 The GDPR + DUA Opportunity

This GDPR Anniversary, the message is clear:

Compliance is no longer enough.
The bar is now verifiable trust with minimal data exposure.

By aligning your organisation with both GDPR principles and the coming standards of the DUA Bill, you’re not just avoiding risk, you’re building competitive advantage.

👇 Register Your Interest

Be part of the trust-first future. Complete the form below to join our early access list for DUA-ready onboarding and identity tools.


👉 Register your interest now to see the platform in action / Join the DUA-ready list.

✅ Early access to the Xertilox platform & product updates
✅ Exclusive DUA-readiness content
✅ Priority onboarding support